> On 12 Jan 2015, at 09:31, Andrea Faulds <a...@ajf.me> wrote:
>
> Hi Rasmus,
>
>> On 12 Jan 2015, at 09:06, Rasmus Lerdorf <ras...@lerdorf.com> wrote:
>>
>> Yes, there is plenty of code out there that relies on srand()+rand()
>> returning a repeatable sequence of pseudo-random numbers. I have written
>> some myself. C devs are very familiar with this behaviour of srand.
>
> C devs are also familiar with the usage of strtok, but it doesn't make an API
> with global state any less flawed.
>
> The problem with rand() and srand() is they're used for three different
> purposes, only one of which they're terribly fitting for:
>
> - To produce a non-repeatable sequence of random numbers (works OK if srand()
> isn't used)
> - To produce a repeatable sequence of random numbers (works, but only if you
> are the sole user of the global random number generator, which is not
> guaranteed by any means)
Oops, I accidentally sent that before finishing.

- To generate cryptographic keys - a seeded random number generator should
NEVER be used for this, but because PHP is so lacking in good facilities to
obtain random data for cryptographic purposes, unfortunately rand() is used
more than it should be.

rand() is already pretty bad, but the existence of srand() makes this a
particular problem. Everything shares the same random number generator, which
makes it worse, as something might seed it and now your key is easily
predictable.

This is why Suhosin disabled srand by default: it is, unfortunately, also a
security issue.

--
Andrea Faulds
http://ajf.me/

--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: http://www.php.net/unsub.php
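The shared-generator problem Andrea describes, as an added example that is not part of the thread and not code from PHP itself. The key_from_rand(), unrelated_library_code() and recover_seed() functions are hypothetical names introduced for illustration; the script assumes PHP 7.0 or later for scalar type hints and random_bytes() (on PHP 5 the equivalent would be openssl_random_pseudo_bytes() or reading /dev/urandom). It shows that once anything in the process has called srand(), a "key" built from rand() is a pure function of the seed and can be recovered by brute force, while the OS CSPRNG is unaffected by the global seed.

```php
<?php
// Added example (not from the mailing-list thread): why a seedable,
// process-wide PRNG must never be the source of key material.

// Hypothetical key generator built on the global rand() generator.
// This is the pattern being criticised, not a recommendation.
function key_from_rand(int $bytes): string
{
    $out = '';
    for ($i = 0; $i < $bytes; $i++) {
        $out .= chr(rand(0, 255));
    }
    return bin2hex($out);
}

// Hypothetical unrelated code (a shuffle, a test fixture, a game) that seeds
// the one global generator for repeatability. It has no idea a key is about
// to be generated elsewhere in the same request.
function unrelated_library_code(): void
{
    srand(12345);
}

// Brute-force the seed: the seed space is at most 2^32, and for a key of a
// few bytes the first output values identify it uniquely. $max_seed keeps
// the demo fast; an attacker would simply search the whole space.
function recover_seed(string $target_key_hex, int $bytes, int $max_seed): int
{
    for ($seed = 0; $seed <= $max_seed; $seed++) {
        srand($seed);
        if (key_from_rand($bytes) === $target_key_hex) {
            return $seed;
        }
    }
    return -1; // not found within $max_seed
}

// 1. Some other code seeds the generator, then "our" code makes a key.
unrelated_library_code();
$key1 = key_from_rand(16);

// 2. Anyone who knows the seed reproduces the key exactly.
srand(12345);
$key2 = key_from_rand(16);
echo "key reproducible from known seed: ", ($key1 === $key2 ? 'yes' : 'no'), "\n";

// 3. Anyone who does not know the seed recovers it from the key alone.
$found = recover_seed($key1, 16, 20000);
echo "seed recovered by brute force: ", $found, "\n";

// 4. The correct source: the OS CSPRNG via random_bytes() (PHP 7.0+).
//    srand() has no influence on it, so a stray seed elsewhere in the
//    process cannot make this key predictable.
$key3 = bin2hex(random_bytes(16));
srand(12345);
$key4 = bin2hex(random_bytes(16));
echo "CSPRNG key affected by srand(): ", ($key3 === $key4 ? 'yes' : 'no'), "\n";
```

Run it with `php demo.php`. The first two checks show that the rand()-derived key is fully determined by the seed, and the third that a CSPRNG-backed key is not. Note that recover_seed() re-seeds the global generator on every iteration, which is itself an illustration of the point: any code that calls srand() silently rewrites the state every other rand() caller in the process depends on.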