On 27 Jan 2017, at 5:58, internals-digest-h...@lists.php.net wrote:
>> One would like to think so but low entropy environments exist. The
>> problem may even be getting more widespread as embedded systems become
>> more widespread.
>
> Could you tell us which platforms could have a problem with CSPRNG
> usage?
There are two problems. One is [embedded OSs with crummy
RNGs](http://samvartaka.github.io/cryptanalysis/2017/01/03/33c3-embedded-rngs).
The other is any OS in a "low-entropy environment", fancy-talk for the
situation when the OS's techniques for gathering "noise" from devices
are frustrated by their absence, or little to no activity on those
devices, or the activity not being random.
I don't want to get into an argument about on which IoT Things you might
find PHP. But we know it's growing fast, the Things are significant in
[botnets](https://krebsonsecurity.com/2016/09/krebsonsecurity-hit-with-record-ddos/),
and that the Things often come with a web server for admin. It's not
unreasonable to use PHP+SQLite to admin a Linux-based baby monitor, for
example.
> As I stated before, I'm supposing CSPRNG availability is not a problem
> for the PHP environment today. OSes provide CSPRNG values unless
> something really bad has happened, i.e. hardware failure, serious OS bug.
The "[Just](http://www.2uo.de/myths-about-urandom/)
[use](https://sockpuppet.org/blog/2014/02/25/safely-generate-random-numbers/)
[urandom](https://twitter.com/FiloSottile/status/765982275515408384)"
meme spread virally in the last couple of years. That's good to help
counter the mistrust that Linux man random(4) creates and get people
away from more exotic RNGs. But it shouldn't be understood to mean "we
can always trust urandom to be present and correct".
> I could be wrong about this. Do you have an idea what platforms will be
> affected?
For example, Lauri Kenttä has been testing with Raspberry Pi. Depending
on what it's connected to, it might be.
I think PHP programs that worked before using mt_rand() should be
allowed to continue to work.
Tom
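As an added illustration of the point debated above (this is example code written for this page, not code from the thread or from PHP itself): in PHP the CSPRNG-backed functions throw when no usable source is found, so an application can probe for that at startup and fail closed rather than silently falling back to mt_rand(). The entropy_avail path and the threshold of 256 bits are assumptions for Linux hosts; the file is absent elsewhere.

```php
<?php
declare(strict_types=1);

// Returns true if the OS CSPRNG can be read. random_bytes() throws an
// Exception (Random\RandomException on newer PHP, which still extends
// Exception) when no source such as getrandom(2) or /dev/urandom works.
function csprng_available(): bool
{
    try {
        random_bytes(1);
        return true;
    } catch (Exception $e) {
        error_log('CSPRNG unavailable: ' . $e->getMessage());
        return false;
    }
}

// Best-effort health signal on Linux only: the kernel's entropy estimate.
// Returns null where the file is missing or unreadable (non-Linux, locked-
// down containers). Newer kernels no longer keep a meaningful pool estimate
// here, so treat the number as informational, not as a security decision.
function linux_entropy_avail(): ?int
{
    $path = '/proc/sys/kernel/random/entropy_avail'; // assumed Linux path
    if (!is_readable($path)) {
        return null;
    }
    $v = trim((string) @file_get_contents($path));
    return preg_match('/^\d+$/', $v) === 1 ? (int) $v : null;
}

// Issue a 256-bit session token, or refuse. There is deliberately no
// fallback to mt_rand()/uniqid(): a predictable token is worse than none.
function issue_session_token(): string
{
    try {
        return bin2hex(random_bytes(32));
    } catch (Exception $e) {
        throw new RuntimeException('Refusing to issue token: CSPRNG unavailable', 0, $e);
    }
}

// Startup self-check: log the state, then show the token path in use.
$avail = linux_entropy_avail();
error_log('csprng=' . (csprng_available() ? 'ok' : 'FAIL')
    . ' entropy_avail=' . ($avail === null ? 'n/a' : (string) $avail));
echo issue_session_token(), PHP_EOL;
```

Run with `php self_check.php`; on a host where the CSPRNG cannot be opened the script logs the failure and exits with an uncaught RuntimeException instead of printing a weak token.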