On Wed, Sep 12, 2012 at 12:57 PM, Scott MacVicar <sc...@macvicar.net> wrote:
> "There is no requirement for them to be cryptographically secure. "
> What stops the salt from being cryptographically secure? I think it should be 
> a goal or we should state what parts aren't cryptographically secure, is it 
> the random data source?

A salt (similar to a nonce) only needs to be unique within the system
(see "Practical Cryptography" by Ferguson and Schneier).

> "The salt parameter, if provided, will be used in place of an auto-generated 
> salt."
> This is setting someone up for failure by letting them put in something weak, 
> you should be forced to get an auto-generated salt. If this is for unit 
> testing then it should be explicitly stated.

Again, the salt is only weak IFF it is not unique within that
particular system (app, website, etc.). Making the easier option be the
one that ensures the uniqueness seems reasonable here, as most
developers will use the provided functionality, whilst maintaining the
developers more comfortable with the security requirements involved
with customization to do so with some modest extra work.

Adam

-- 
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
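
The uniqueness requirement discussed in this message can be checked against stored hashes. The following is an added example, not code from the thread or from the RFC: it audits bcrypt hashes for salts shared between accounts. The function names `bcrypt_salt` and `find_reused_salts` are hypothetical, the user table is constructed sample data, and `crypt()` with a fixed salt stands in for a caller-supplied salt.

```php
<?php
declare(strict_types=1);

// Extract the 22-character salt field from a bcrypt hash in crypt(3) format:
//   $2y$<cost>$<22-char salt><31-char digest>
function bcrypt_salt(string $hash): ?string
{
    $re = '#^\$2[abxy]\$\d{2}\$([./A-Za-z0-9]{22})[./A-Za-z0-9]{31}$#';
    return preg_match($re, $hash, $m) === 1 ? $m[1] : null;
}

// Return every salt used by more than one account, mapped to those accounts.
function find_reused_salts(array $hashesByUser): array
{
    $bySalt = [];
    foreach ($hashesByUser as $user => $hash) {
        $salt = bcrypt_salt($hash);
        if ($salt === null) {
            continue; // not a bcrypt hash; out of scope for this check
        }
        $bySalt[$salt][] = $user;
    }
    return array_filter($bySalt, fn(array $users): bool => count($users) > 1);
}

// Constructed sample data. alice and bob get auto-generated salts;
// carol and dave share one fixed, caller-supplied salt (22 characters).
$fixedSalt = 'abcdefghijklmnopqrstuu';
$store = [
    'alice' => password_hash('correct horse', PASSWORD_BCRYPT),
    'bob'   => password_hash('correct horse', PASSWORD_BCRYPT),
    'carol' => crypt('correct horse', '$2y$10$' . $fixedSalt),
    'dave'  => crypt('correct horse', '$2y$10$' . $fixedSalt),
];

// Same password, unique salts: the stored hashes differ.
var_dump($store['alice'] === $store['bob']);   // bool(false)

// Same password, shared salt: the stored hashes are identical, so anyone
// reading the table learns that carol and dave chose the same password.
var_dump($store['carol'] === $store['dave']);  // bool(true)

// The audit reports only the shared salt, with the accounts that use it.
foreach (find_reused_salts($store) as $salt => $users) {
    echo "salt {$salt} reused by: " . implode(', ', $users) . PHP_EOL;
}
```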
