Re: unify entropy source for all php related functions

From:	Pierre Joye	Date:	Fri, 14 Feb 2014 15:41:04 +0000
Subject:	Re: unify entropy source for all php related functions
References:	1 2 3 4 5 6 7	Groups:	php.internals
Request:	Send a blank email to [email protected] to get a copy of this message

On Feb 14, 2014 10:30 PM, "Jakub Zelenka" <[email protected]> wrote:

> The point is that OpenSSL considers /dev/urandom strong enough for
seeding CSPRNG.

The point here is about whether /Dev/urandom is cs or not. It is not. It
may be (on recent updated systems) enough to be used as seed but not to
actually generate cs random data.

Also it is important to keep mind that openssl does more than simply read
from urandom or random to generate data. That's outside the scope of what
is proposed here.

Cheers,
Pierre


   

Thread (32 messages)

• Pierre JoyeFri, 07 Feb 2014 11:25:45 +0000
  • Tjerk MeestersFri, 07 Feb 2014 11:42:46 +0000
    • Pierre JoyeFri, 07 Feb 2014 11:46:15 +0000
    • Yasuo OhgakiSat, 08 Feb 2014 04:50:49 +0000
  • Pádraic BradyFri, 07 Feb 2014 11:53:00 +0000
    • Pierre JoyeFri, 07 Feb 2014 11:55:10 +0000
  • Nikita PopovFri, 07 Feb 2014 12:13:59 +0000
    • Pierre JoyeFri, 07 Feb 2014 12:23:48 +0000
      • Pierre JoyeFri, 07 Feb 2014 12:29:53 +0000
  • Nikita PopovFri, 07 Feb 2014 12:58:31 +0000
    • Pádraic BradyFri, 07 Feb 2014 15:43:20 +0000
  • Yasuo OhgakiSat, 08 Feb 2014 04:48:11 +0000
    • Pierre JoyeSat, 08 Feb 2014 07:13:35 +0000
  • Yasuo OhgakiThu, 13 Feb 2014 07:21:07 +0000
    • Pierre JoyeThu, 13 Feb 2014 07:57:39 +0000
      • Yasuo OhgakiThu, 13 Feb 2014 08:46:38 +0000
        • Yasuo OhgakiThu, 13 Feb 2014 09:11:44 +0000
          • Pierre JoyeThu, 13 Feb 2014 09:36:27 +0000
            • Yasuo OhgakiThu, 13 Feb 2014 10:42:01 +0000
• Daniel LowreyFri, 07 Feb 2014 12:31:36 +0000Re: unify entropy source for all php related functions
• Andrey AndreevFri, 14 Feb 2014 12:03:12 +0000Re: unify entropy source for all php related functions
  • Pierre JoyeFri, 14 Feb 2014 12:26:13 +0000
    • Andrey AndreevFri, 14 Feb 2014 13:02:20 +0000
      • Jakub ZelenkaFri, 14 Feb 2014 13:10:48 +0000
      • Pierre JoyeFri, 14 Feb 2014 13:53:00 +0000
        • Jakub ZelenkaFri, 14 Feb 2014 14:19:22 +0000
          • Andrey AndreevFri, 14 Feb 2014 14:54:54 +0000
            • Jakub ZelenkaFri, 14 Feb 2014 15:30:38 +0000
              • Pierre JoyeFri, 14 Feb 2014 15:41:04 +0000
              • Pádraic BradySat, 15 Feb 2014 11:59:34 +0000
                • Jakub ZelenkaSat, 15 Feb 2014 12:50:32 +0000
          • Pierre JoyeFri, 14 Feb 2014 15:09:33 +0000