On Mon, Feb 3, 2014 at 8:45 AM, Tjerk Meesters <tjerk.meesters@gmail.com> wrote:
> The RFC [1] states v4 is used with truly-random or pseudo-random number
> generators; it would be up to us to decide whether LCG is pseudo-random
> enough :)
Every RNG we use is "pseudo-random enough" :)
However it is important to distinguish crypto safe (f.e. /dev/random
), strong (f.e. urandom), weak (mt_rand) or totally pointless (rand
;), not sure about the wording for the last one.
For UUID, strong is good enough. Crypto safe would be an overhead and
could raise more issues than those we try to solve, like overusing the
crypto safe entropy source way too much.
> The generated values should be hard to guess, which typically means LCG
> would not be suitable. The function (if implemented) could issue a warning
> or notice if a preferred RNG could not be used, even though
> password_hash() doesn't do this in the same scenario.
>
As we are mainly talking about sessions here, it is important to keep
an eye on what is done:
http://lxr.php.net/xref/PHP_5_5/ext/session/session.c#345
as you can see it already relies on a good enough RNG on all platforms,
as long as the entropy source and length are set correctly:
http://www.php.net/manual/en/session.configuration.php#ini.session.entropy-file
About uniqid not being safe, that's fine. It is known and now well
documented (afair it was the case before too, at least for the unsafe
part).
--
Pierre
@pierrejoye | http://www.libgd.org
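The thread discusses which RNG class is appropriate for a version-4 UUID. The following is an added example, not code from the thread or from PHP itself: it builds an RFC 4122 v4 UUID from 16 bytes of an OS-backed random source and shows where the fixed version and variant bits go, so that a reviewer can check that the only variable material is the random input. It assumes PHP 7 or later for `random_bytes()` (a function that did not exist when this message was written); the helper names `uuid_v4_from_bytes`, `uuid_v4` and `is_uuid_v4` are this example's own.

```php
<?php
// Added example, not part of the original thread or of PHP's own code.
// Assumes PHP >= 7.0 for random_bytes(), which reads from the OS source
// (/dev/urandom, getrandom(), CryptGenRandom) rather than from mt_rand().

/**
 * Turn exactly 16 bytes into an RFC 4122 version-4 UUID string.
 * Only 122 of the 128 bits come from the input: the version nibble
 * and the two variant bits are fixed by the RFC.
 */
function uuid_v4_from_bytes(string $bytes): string {
    if (strlen($bytes) !== 16) {
        throw new InvalidArgumentException('need exactly 16 bytes');
    }
    // Byte 6, high nibble: 0100 = version 4 ("random" UUID).
    $bytes[6] = chr((ord($bytes[6]) & 0x0f) | 0x40);
    // Byte 8, top two bits: 10 = RFC 4122 variant.
    $bytes[8] = chr((ord($bytes[8]) & 0x3f) | 0x80);

    $hex = bin2hex($bytes);
    return sprintf(
        '%s-%s-%s-%s-%s',
        substr($hex, 0, 8),
        substr($hex, 8, 4),
        substr($hex, 12, 4),
        substr($hex, 16, 4),
        substr($hex, 20, 12)
    );
}

/** Generate a v4 UUID from the OS random source (hypothetical helper). */
function uuid_v4(): string {
    return uuid_v4_from_bytes(random_bytes(16));
}

/** Check the textual layout plus the fixed version/variant characters. */
function is_uuid_v4(string $uuid): bool {
    $re = '/^[0-9a-f]{8}-[0-9a-f]{4}-4[0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$/';
    return (bool) preg_match($re, $uuid);
}

// Self-check with a constructed, all-ones input: every bit is 1 except the
// six the RFC forces, so the result must read ...-4fff-bfff-...
$forced = uuid_v4_from_bytes(str_repeat("\xff", 16));
if ($forced !== 'ffffffff-ffff-4fff-bfff-ffffffffffff') {
    throw new RuntimeException('version/variant bits not set as expected: ' . $forced);
}

// Generate a few real ones and validate them.
for ($i = 0; $i < 3; $i++) {
    $u = uuid_v4();
    if (!is_uuid_v4($u)) {
        throw new RuntimeException('malformed UUID: ' . $u);
    }
    echo $u, PHP_EOL;
}
```

The all-ones self-check is the useful part for review: it makes visible that a v4 UUID carries 122 random bits, not 128, so the guessability argument in the thread is about those 122 bits and the source they came from, not about the string format. Swapping `random_bytes(16)` for output derived from `mt_rand()` would produce strings that pass `is_uuid_v4()` just the same, which is why a format check alone says nothing about RNG strength.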