Re: unify entropy source for all php related functions

From: Date: Fri, 07 Feb 2014 12:13:59 +0000
Subject: Re: unify entropy source for all php related functions
References: 1  Groups: php.internals 
On Fri, Feb 7, 2014 at 12:25 PM, Pierre Joye <[email protected]> wrote:

> hi,
>
> There are a lot of additions and discussions about entropy source and
> (P)RNG lately.
>
> PHP already has an ini setting to define a strong entropy source for
> the session module, which defaults to urandom or arandom.
>
> I would like to create two settings to unify the entropy source
> across php functions. That includes mcrypt, new password APIs,
> session, LCG, etc.
>
> Something along this line:
>
> random.entropy_strong_source (/dev/(u|a)random etc.)
> random.entropy_crypto_source (/dev/random etc.)
>
> I am not willing to propose new RNG functions or extensions for 5.6 as
> we have way too little time to actually discuss its design and APIs.
> However having these settings unified and documented would be a good
> step forward already.
>

I'm not sure I understand this proposal and/or its purpose. Different
applications have different requirements on the strength of the random
number generator. As such this is something that needs to be specified on
every use, rather than a (global) ini setting.

If your proposal is to have different "categories" of randomness
(the names indicate "strong" and "crypto"), then I see little point in
having inis for this, rather than letting PHP choose an appropriate source
(from that category) that is available on the system. Also, if you want to
introduce such categories, you should also clarify how they will be used
with the individual functions. Does that mean mcrypt_create_iv will have
additional MCRYPT_STRONG and MCRYPT_CRYPTO options that will then use the
source specified by the respective inis? Will the same also be added to
openssl_pseudo_random_bytes as a (third) parameter?

And what do you mean by LCG? Do you mean the lcg_value() generator for
floating point numbers? I don't see how that function is supposed to make
use of these options. After all, the name already says that it uses a
linear congruential generator, so that should be what it uses. Or do you
mean to use the specified randomness source for the seed? That doesn't make
a lot of sense to me, as you'd be sticking a strong random seed into a
very, very weak prng.

I feel like these ini settings make things only more confusing. I'd much
more appreciate the introduction of a function for generating random bytes
in the standard library, that supersedes the individual extension functions.

Nikita
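
Added example, not part of the original message and not PHP's code: a toy 32-bit LCG in Python illustrating the point above about putting a strong random seed into a very weak PRNG. The constants and every name here are assumptions chosen for illustration, and this is not the algorithm behind lcg_value().

```python
import os

# Toy linear congruential generator. The constants are the widely published
# "Numerical Recipes" parameters, used here only for illustration.
A, C, M = 1664525, 1013904223, 2**32

class ToyLCG:
    def __init__(self, seed_bytes):
        # However many strong bytes are supplied, the generator holds only
        # log2(M) = 32 bits of state; the rest of the seed is discarded.
        self.state = int.from_bytes(seed_bytes, "big") % M

    def next_float(self):
        """Advance the state and return it scaled into [0, 1)."""
        self.state = (A * self.state + C) % M
        return self.state / M

def continue_stream(observed, count):
    """Recompute the values that follow one observed output.

    The output is the internal state divided by M, so the state reads back
    exactly and the recurrence can be replayed without knowing the seed.
    """
    state = round(observed * M)
    out = []
    for _ in range(count):
        state = (A * state + C) % M
        out.append(state / M)
    return out

def stream_fixed_by_one_output():
    gen = ToyLCG(os.urandom(32))      # 256-bit seed from the OS CSPRNG
    first = gen.next_float()          # a single value that becomes visible
    actual = [gen.next_float() for _ in range(5)]
    return continue_stream(first, 5) == actual

def strong_seeds_collide():
    # Two different 256-bit seeds that agree in their low 32 bits give the
    # same stream: the effective seed space is 2**32, not 2**256.
    low = os.urandom(4)
    g1, g2 = ToyLCG(os.urandom(28) + low), ToyLCG(os.urandom(28) + low)
    return [g1.next_float() for _ in range(5)] == [g2.next_float() for _ in range(5)]

if __name__ == "__main__":
    print("stream fixed by one output:", stream_fixed_by_one_output())
    print("distinct strong seeds, same stream:", strong_seeds_collide())
```

Both checks return True on every run, whatever os.urandom supplies, which is why the quality of the seed source cannot compensate for the generator.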

