On Sun, Feb 5, 2017 at 2:49 AM, Yasuo Ohgaki <yohg...@ohgaki.net> wrote:
>> There is something like a weird pattern to your attempts to help PHP
>> programmers use the wrong function for the job -- HKDF for passwords,
>> uniqid and mt_rand for unpredictable randoms.
>
> Do you know uniqid()'s entropy is extremely weak?
> Do you know current mt_rand()'s entropy is extremely weak?
>
> Are you saying the current implementation is the best way that it should be?
> If you think so, please explain why these aren't weak and the implementation
> is optimal.

Please note that the mt_rand() RFC is titled "Improve predictable PRNG random and RNG API":
https://wiki.php.net/rfc/improve_predictable_prng_random

And also please note that PHP 7.1 breaks existing code in a way that makes random numbers NON random.

Non random value:

    <?php
    // We need the same random numbers here
    srand(1234);
    $my_rand = [];
    for ($i = 0; $i < 10; $i++) {
        // Use my PRNG state
        $my_rand[] = rand();
    }

    // Somewhere later in code AND/OR even other requests
    // We need somewhat random numbers for non CS purpose
    $my_other_rand = [];
    for ($i = 0; $i < 10; $i++) {
        // following mt_rand() is NOT RANDOM at all
        $my_other_rand[] = mt_rand();
    }

*Above code worked as it should. PHP 7.1 broke this code.*

Similarly, shuffle()/etc. are broken by PHP 7.1.

    <?php
    // We need the same random numbers here
    mt_srand(1234);
    $my_rand = [];
    for ($i = 0; $i < 10; $i++) {
        // Use my PRNG state
        $my_rand[] = mt_rand();
    }

    // Somewhere later in code AND/OR even other requests
    // We need to shuffle randomly
    $my_random_array = range(1, 10);
    shuffle($my_random_array); // This is NOT RANDOM at all

*These behaviors are not limited to the specific request that calls mt_srand($some_value)/srand($some_value), but apply to consecutive requests.*

PHP should have system and user PRNG state to resolve this behavior. This should ring a bell even without knowing the mt_rand()/rand() implementation. IMHO.

Please also note that the current uniqid() CAN produce NON unique values easily.
I don't paste the RFC here, please read it.

Regards,

--
Yasuo Ohgaki
yohg...@ohgaki.net
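As an added example (not part of Yasuo's mail or of the PHP project's code), the following PHP 7.1+ script demonstrates the coupling described above: once mt_srand() has been called, shuffle() and rand() replay the seeded Mersenne Twister state, so two runs with the same seed produce the same "random" order, while random_int() and random_bytes() draw from the CSPRNG and are unaffected by the seed. The helper names seeded_shuffle and csprng_shuffle, and the 10-card deck, are my own assumptions for illustration.

```php
<?php
// Added example (not from the original mail): in PHP 7.1 rand() aliases
// mt_rand() and shuffle() consumes the same MT state, so a seed set for
// "my" reproducible numbers also makes later shuffles predictable.
// random_int()/random_bytes() use the CSPRNG and share no state with MT.
declare(strict_types=1);

/**
 * Seed the shared MT state and shuffle a copy of $values.
 * Called twice with the same $seed, this returns the same order on PHP 7.1+.
 */
function seeded_shuffle(array $values, int $seed): array
{
    mt_srand($seed);   // intended only for reproducible mt_rand() output...
    shuffle($values);  // ...but shuffle() now consumes that same seeded state
    return $values;
}

/**
 * Fisher-Yates shuffle driven by random_int(), which is backed by the
 * CSPRNG and is therefore independent of any mt_srand()/srand() call.
 */
function csprng_shuffle(array $values): array
{
    for ($i = count($values) - 1; $i > 0; $i--) {
        $j = random_int(0, $i);
        [$values[$i], $values[$j]] = [$values[$j], $values[$i]];
    }
    return $values;
}

$deck = range(1, 10); // constructed sample input

// 1. Same seed, same "random" order: whoever knows or guesses the seed
//    knows the shuffle.
$a = seeded_shuffle($deck, 1234);
$b = seeded_shuffle($deck, 1234);
var_dump($a === $b); // bool(true) on PHP 7.1+

// 2. rand() is affected by mt_srand() too, since it aliases mt_rand() in 7.1.
mt_srand(1234);
$r1 = rand();
mt_srand(1234);
$r2 = rand();
var_dump($r1 === $r2); // bool(true)

// 3. Seeding MT has no effect on a CSPRNG-driven shuffle. Two runs agreeing
//    here would be a genuine coincidence (1 in 10! for a 10-card deck).
mt_srand(1234);
$c = csprng_shuffle($deck);
mt_srand(1234);
$d = csprng_shuffle($deck);
echo ($c === $d) ? "coincidental match\n" : "independent of mt_srand()\n";

// 4. For unpredictable tokens, use random_bytes(), not uniqid() or mt_rand().
echo bin2hex(random_bytes(16)), "\n";
```

Run it once under PHP 7.1 or later; the first two var_dump() calls print bool(true), which is the predictability Yasuo is pointing at, while the CSPRNG-based shuffle and token are unaffected by the mt_srand() calls around them.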