On Fri, Feb 14, 2014 at 2:26 PM, Pierre Joye <[email protected]> wrote:
>
> On Feb 14, 2014 7:03 PM, "Andrey Andreev" <[email protected]> wrote:
>> ALL sources
>> say that /dev/urandom is both widely used and considered safe for
>> cryptography. Only a select few mention that it could be a bit weaker
>> in specific cases, in theory.
>
> No, urandom (and similar) are not crypto safe. Totally not. They are however
> good enough for most usages but crypto-safe related tasks like key
> generation and the likes. Any (good) paper mentions this.
>
> Cheers,
> Pierre
So how does openssl_random_pseudo_bytes() work without blocking then?
$ cat test.php
<?php
// Set by reference: true when OpenSSL considers the bytes cryptographically strong.
$crypto_strong = NULL;
$orandom = openssl_random_pseudo_bytes(32, $crypto_strong);
var_dump(bin2hex($orandom), $crypto_strong);
// MCRYPT_DEV_RANDOM reads /dev/random, which can block until the kernel's entropy pool refills.
$mrandom = mcrypt_create_iv(32, MCRYPT_DEV_RANDOM);
var_dump($mrandom);
$ php test.php
string(64) "bc10fe2a302039bc0b1ff85b1da53d1b2dc73be515bc1ab9a4a1f8895da7357b"
bool(true)
(blocks)
If it doesn't block, it obviously doesn't use (only) /dev/random, yet
it says that the output is crypto-safe. Or is that a bug?
Cheers,
Andrey.
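The behaviour Andrey's test script runs into can be probed directly from the operating system side. The following is an added example, not code from the thread or from PHP itself, written in Python rather than PHP so it can be run anywhere without the mcrypt extension. It assumes the Linux device paths /dev/urandom and /dev/random. Opening the device with O_NONBLOCK lets the script ask whether a read would block (EAGAIN, or a short read on older kernels) instead of hanging the way mcrypt_create_iv(32, MCRYPT_DEV_RANDOM) did above; os.urandom() plays the role of openssl_random_pseudo_bytes(), drawing from the kernel CSPRNG through an interface that never waits for "more entropy".

```python
"""Added example (not from the php-internals thread): probe the two Linux
random devices the thread argues about.

/dev/urandom never blocks. /dev/random historically blocked whenever the
kernel's entropy estimate ran low (on Linux >= 5.6 it only blocks until
the pool has been seeded once). A non-blocking open turns "would this
read hang?" into a value we can inspect.
"""
import os


def read_urandom(n: int) -> bytes:
    """Non-blocking CSPRNG read, the same kind of source OpenSSL's
    RAND_bytes() seeds from. os.urandom() uses getrandom() or /dev/urandom
    and does not wait for an entropy estimate to grow."""
    data = os.urandom(n)
    assert len(data) == n
    return data


def probe_random_device(path: str, n: int) -> dict:
    """Open `path` with O_NONBLOCK and attempt one read of n bytes.

    Returns:
      exists       - the device could be opened
      got          - bytes actually returned (0..n)
      would_block  - True if a blocking read of n bytes would have hung:
                     either EAGAIN (nothing available) or, on older kernels,
                     a short read of only the bytes currently available.
    """
    try:
        fd = os.open(path, os.O_RDONLY | os.O_NONBLOCK)
    except FileNotFoundError:
        return {"exists": False, "got": 0, "would_block": None}
    try:
        try:
            data = os.read(fd, n)
        except BlockingIOError:
            # EAGAIN: the kernel would have put a blocking reader to sleep.
            return {"exists": True, "got": 0, "would_block": True}
        return {"exists": True, "got": len(data), "would_block": len(data) < n}
    finally:
        os.close(fd)


if __name__ == "__main__":
    print("urandom:", read_urandom(32).hex())
    for dev in ("/dev/urandom", "/dev/random"):
        print(dev, probe_random_device(dev, 32))
```

On a host where /dev/random still blocks, the second probe reports would_block=True while the first never does, which is the difference between the two var_dump() calls in the test script: one interface waits on the entropy estimate, the other hands out CSPRNG output immediately.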