Peter,

> Whether or not a CSPRNG is needed depends on what you're doing, your
> needed level of security. Perhaps add a parameter to control this, so
> it would be possible to make use of this function even if you need the
> maximum level of security? If it's not available, the function should
> fail in some suitable fashion.

For password hashing, it won't ever be needed for the salt. The salt is not a secret in the context of cryptography. But, on that note, if we were adding a stronger PRNG generator, it would be good to expose it natively. And that native exposure would likely take a parameter for CS-safe PRNG...

Just my $0.02...

> *snip*
>
>> Or, we could implement a system like I did in
>> https://github.com/ircmaxell/PHP-CryptLib/tree/master/lib/CryptLib/Random
>> that follows RFC4086: http://tools.ietf.org/html/rfc4086#section-5.2
>> Where it mixes together several sources of weak and moderate strength
>> PRNG...
>
> Will the entropy multiply by mixing sources? I.e. will the result be
> "more random"? Won't it just be as random as the most random source?

No, it will not multiply. It can in practice increase from the strongest source. But it will never be *weaker* than the strongest source. The reason for a mixing function like that is that you're pulling entropy from multiple sources. So if a single source is compromised (say mt_rand is compromised with a known seed value), it doesn't reduce the overall strength of the generated value. If the strongest source is compromised, it will still be at least as strong as the next weakest source...

Anthony

> Other than that, the SPL version seems like a nice idea.
>
> Regards
> Peter
>
> --
> <hype>
> WWW: plphp.dk / plind.dk
> LinkedIn: plind
> BeWelcome/Couchsurfing: Fake51
> Twitter: kafe15
> </hype>
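
The mixing idea discussed in this message, as an added PHP example that is not part of the original thread and is not PHP-CryptLib's code. It assumes SHA-256 as the mixing function, and the helper names (`weakSource`, `mixSources`) and the seed value are hypothetical; it shows that an `mt_rand` stream with a known seed is reproducible on its own but stops mattering once an independent CSPRNG input is mixed in.

```php
<?php
declare(strict_types=1);

// Weak source: mt_rand() seeded with a value the attacker knows
// (the "compromised with a known seed" case from the message).
function weakSource(int $n, int $knownSeed): string {
    mt_srand($knownSeed);
    $out = '';
    for ($i = 0; $i < $n; $i++) {
        $out .= chr(mt_rand(0, 255));
    }
    return $out;
}

// Mix by hashing all inputs together. Each input is length-prefixed so
// ("ab", "c") and ("a", "bc") hash differently. Returns 1..32 bytes.
function mixSources(int $n, string ...$parts): string {
    if ($n < 1 || $n > 32 || count($parts) === 0) {
        throw new InvalidArgumentException('need 1..32 bytes and at least one source');
    }
    $ctx = hash_init('sha256');
    foreach ($parts as $p) {
        hash_update($ctx, pack('N', strlen($p)) . $p);
    }
    return substr(hash_final($ctx, true), 0, $n);
}

$seed = 1234;                    // constructed sample seed, assumed known to the attacker
$weak = weakSource(16, $seed);

// Weak source alone: anyone who knows the seed recomputes the same value.
$attackerGuess = mixSources(16, weakSource(16, $seed));
var_dump(mixSources(16, $weak) === $attackerGuess);

// Same weak input, plus a moderate source (microtime) and the OS CSPRNG
// (random_bytes(), PHP 7+). Knowing the seed no longer determines the output.
$a = mixSources(16, $weak, microtime(), random_bytes(16));
$b = mixSources(16, $weak, microtime(), random_bytes(16));
var_dump($a !== $b, $a !== $attackerGuess);
echo bin2hex($a), "\n", bin2hex($b), "\n";
```

The guarantee only holds for independent inputs: feeding the same compromised stream in twice adds nothing, and the output can never carry more entropy than the 256-bit hash state.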