Differences

This shows you the differences between two versions of the page.

--- rfc:rng_fixes [2016/06/14 14:45] – leigh
+++ rfc:rng_fixes [2016/06/16 18:48] – leigh
@@ Line 19: / Line 19: @@
 ===== Proposal =====
-There are several proposals up for discussion, which I hope to fine-tune, improve upon, or eliminate completely during the discussion phase. The proposals are:
+There are several proposals up for discussion that I hope to fine-tune, improve upon or eliminate completely during the discussion phase. The proposals are:
   * Replace mt_rand() and rand() to a strong, modern RNG.
@@ Line 35: / Line 35: @@
 This change would alter the output streams of both functions, however it fixes:
-  * Incorrect implementation of mt_rand (with documentation to say it is no longer mt_rand)
+  * Incorrect implementation of <php>mt_rand()</php> (with documentation to say it is no longer <php>mt_rand()</php>)
   * Platform-specific outputs
   * Poor scaling of bounded outputs
+This would also give a performance benefit to heavy users of the functions, as <php>mt_rand()</php> is very slow.
 == Fix mt_rand() implementation ==
 The implementation of <php>mt_rand()</php> in PHP contains a typo that makes it generate a different sequence of numbers to the original mt19937 implementation. [[https://bugs.php.net/bug.php?id=71152|See bug #71152]]
-It is not known if the period or the quality of the output from the RNG is negatively affected due to this typo.
+It is not known if the period of the RNG is negatively affected due to this typo, although statistical analysis suggests that the quality of the output is unaffected.
 As <php>mt_rand()</php> can be seeded for repeatable sequences the current implementation makes it incompatible with other systems that do use correct implementations. However fixing it also means that the sequence generated for a given seed in PHP will also now be different.
@@ Line 57: / Line 59: @@
 == Replace insecure uses of php_rand() with php_random_bytes() ==
-There are several instances where rand() is used internally in a security sensetive context
+There are several instances where <php>rand()</php> is used internally in a security sensetive context
   * <php>crypt()</php> salt generation
   * SOAP HTTP auth nonce generation
-  * <php>mcrypt_create_iv()</php> fallback
+  * <php>mcrypt_create_iv()</php> fallback with invalid source.
 These instances should all be fixed to use the secure random number generator (even mcrypt which is deprecated)
+== Make array_rand() more efficient ==
+It has been noted that ([[http://php.net/manual/en/function.array-rand.php#117114|array_rand() produces weird and very uneven random distribution]]). As the above proposals change the output of <php>array_rand()</php> anyway, we can fix this at the same time.
 ===== Backward Incompatible Changes =====
@@ Line 96: / Line 101: @@
 ===== Proposed Voting Choices =====
-This will be an all or nothing vote (after discussion), and as the changes are functional, will require a 50%+1 majority to pass.
+Individual votes will be held for the remaining proposals, and since minor BC breaks are introduced they will require a 2/3 majority to pass.
 ===== Patches and Tests =====
-WIP - I will release a patch after a week or so of discussion has taken place
+WIP - I will release a patch after a week or so of discussion has taken place when there is a better idea of which proposals are wanted.
 ===== Implementation =====

Differences

Page Tools