rfc:rng_fixes
Differences
This shows you the differences between two versions of the page.
rfc:rng_fixes [2016/05/03 10:03] – created leigh | rfc:rng_fixes [2016/07/07 11:01] – leigh | ||
---|---|---|---|
Line 3: | Line 3: | ||
* Date: 2016-05-03 | * Date: 2016-05-03 | ||
* Author: Leigh T < | * Author: Leigh T < | ||
- | * Status: | + | * Status: |
* First Published at: https:// | * First Published at: https:// | ||
===== Introduction ===== | ===== Introduction ===== | ||
- | There are several long standing issues with random number generation that need to be addressed: | + | There are several long standing issues with random number generation that should |
* Incorrect implementations | * Incorrect implementations | ||
Line 19: | Line 19: | ||
===== Proposal ===== | ===== Proposal ===== | ||
- | == Fix mt_rand_() output | + | There are several proposals up for discussion. |
+ | |||
+ | * Fix the current mt_rand() implementation, | ||
+ | * Alias rand() to mt_rand(). | ||
+ | * Fix RAND_RANGE for large ranges. | ||
+ | * Replace insecure uses of php_rand() with php_random_bytes() | ||
+ | * Make array_rand() more efficient | ||
+ | |||
+ | == Fix mt_rand() implementation | ||
The implementation of < | The implementation of < | ||
- | It is not known if the period or the quality of the output | + | [[https:// |
+ | |||
+ | As < | ||
+ | |||
+ | The legacy implementation will be preserved and be selectable with a new `mt_rand_mode(int $mode)` function, along with new constants representing the two modes. The default will be the fixed algorithm. | ||
- | As <php>mt_rand()</ | + | <doodle title=" |
+ | * Yes | ||
+ | * No | ||
+ | </doodle> | ||
== Alias rand() to mt_rand() == | == Alias rand() to mt_rand() == | ||
< | < | ||
- | Aliasing it to < | + | Aliasing it to < |
- | == Replace | + | <doodle title="Alias rand() to mt_rand()" |
+ | * Yes | ||
+ | * No | ||
+ | </ | ||
+ | |||
+ | == Fix RAND_RANGE() == | ||
The macro used to scale the output of an RNG between two bounds is insufficient for large ranges. ([[https:// | The macro used to scale the output of an RNG between two bounds is insufficient for large ranges. ([[https:// | ||
The proposed fix is to concatenate multiple outputs for ranges exceeding 32 bits, and use rejection sampling (the same as used in < | The proposed fix is to concatenate multiple outputs for ranges exceeding 32 bits, and use rejection sampling (the same as used in < | ||
+ | |||
+ | <doodle title=" | ||
+ | * Yes | ||
+ | * No | ||
+ | </ | ||
== Replace insecure uses of php_rand() with php_random_bytes() == | == Replace insecure uses of php_rand() with php_random_bytes() == | ||
- | There are several instances where rand() is used internally in a security sensetive context | + | There are several instances where <php>rand()</ |
* < | * < | ||
* SOAP HTTP auth nonce generation | * SOAP HTTP auth nonce generation | ||
- | * < | ||
These instances should all be fixed to use the secure random number generator (even mcrypt which is deprecated) | These instances should all be fixed to use the secure random number generator (even mcrypt which is deprecated) | ||
+ | |||
+ | <doodle title=" | ||
+ | * Yes | ||
+ | * No | ||
+ | </ | ||
+ | |||
+ | == Make array_rand() more efficient == | ||
+ | It has been noted that ([[http:// | ||
+ | |||
+ | <doodle title=" | ||
+ | * Yes | ||
+ | * No | ||
+ | </ | ||
===== Backward Incompatible Changes ===== | ===== Backward Incompatible Changes ===== | ||
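Review bot: in the "Replace insecure uses of php_rand() with php_random_bytes()" section, one entry is deleted from the list of affected call sites (the removed bullet after "SOAP HTTP auth nonce generation") with no reason given, while the unchanged closing sentence still says these instances "should all be fixed" and still mentions mcrypt. State why that call site no longer needs the secure generator, or adjust the closing sentence so the list and the sentence agree. As a style point in the same hunk, the new mt_rand() paragraph writes `mt_rand_mode(int $mode)` in backticks where the rest of the page uses <php> tags.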
Line 54: | Line 91: | ||
* < | * < | ||
* < | * < | ||
- | * < | ||
===== Proposed PHP Version(s) ===== | ===== Proposed PHP Version(s) ===== | ||
Line 70: | Line 106: | ||
==== New Constants ==== | ==== New Constants ==== | ||
- | None | + | MT_RAND_MT19937 (correct implementation mode) |
+ | MT_RAND_PHP (unofficial implementation mode) | ||
===== Open Issues ===== | ===== Open Issues ===== | ||
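Review bot: the two constants added under "New Constants" carry only a mode description; the section does not name the function they are passed to or say which mode is the default. Add a line tying MT_RAND_MT19937 and MT_RAND_PHP to mt_rand_mode() and marking the default, so the section can be read without going back to the Proposal text.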
Line 76: | Line 113: | ||
===== Proposed Voting Choices ===== | ===== Proposed Voting Choices ===== | ||
- | This will be an all or nothing vote (after discussion), and as the changes | + | Individual votes will be held for the remaining proposals, and since minor BC breaks |
===== Patches and Tests ===== | ===== Patches and Tests ===== | ||
- | WIP | + | https:// |
===== Implementation ===== | ===== Implementation ===== | ||
Line 85: | Line 122: | ||
===== References ===== | ===== References ===== | ||
- | Links to external references, discussions or RFCs | ||
===== Rejected Features ===== | ===== Rejected Features ===== | ||
None | None |
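Review bot: deleting the placeholder line under "References" leaves that section as a heading with no body. Either collect the external links the proposal cites inline into this section or drop the heading.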
rfc/rng_fixes.txt · Last modified: 2017/09/22 13:28 by 127.0.0.1