Let's get random: Under the hood of PHP 7's CSPRNG - ZendCon & OpenEnterprise 2018

Random
Under the hood of PHP 7’s
Let’s get
CSPRNG
Sammy Kaye Powers
Las Vegas, NV - 2018

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
Slides
Get the
joind.in/talk/0e3b7

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
CSPRNG?
What is the PHP 7

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
random_int()
random_bytes()

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
ext/standard/random.c

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
The end

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
Random?
What is

View Slide

Red
Yellow
White
Red
Yellow
White
Red
Yellow
White
Period: 3

View Slide

Jingle all the way,
Oh what fun it is to ride
In a one-horse open sleigh
Predictable seed
Jingle bells, jingle bells

View Slide

74, 105, 110, 103, 108, 101, 32,
97, 108, 108, 32,
116, 104, 101, 32,
119, 97, 121, 44
Random, right?

View Slide

ASCII

View Slide

74, 105, 110, 103, 108, 101, 32,
chr()
J, i, n, g, l, e, ,

View Slide

97, 108, 108, 32,
What’s the next word?
a, l, l, ,

View Slide

116, 104, 101, 32,
t, h, e, ,

View Slide

74, 105, 110, 103, 108, 101, 32,
97, 108, 108, 32,
Random, right?
116, 104, 101, 32,
nope!

View Slide

Felt?
Remember how we

View Slide

74, 105, 110, 103, 108, 101, 32,
97, 108, 108, 32,
116, 104, 101, 32,
119, 97, 121, 44
What’s the meaning?
ASCII codes!
Ah, right. Carry on then.
Deterministic

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
Why
did we think

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
•Think of a two-digit number
•Between one and one hundred
•Both digits odd
•Both digits different

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
Are you thinking of…
37

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
Humans
are bad at being random

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
Environment
Can we use our
to make better random numbers?

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
Time?
Maybe the

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
12:00, 12:01, 12:02, 12:03, 12:04, 12:05, 12:06, 12:07, 12:08, 12:09, 12:10, 12:11, 12:12, 12:13, 12:14, 12:15, 12:16, 12:17, 12:18,
12:19, 12:20, 12:21, 12:22, 12:23, 12:24, 12:25, 12:26, 12:27, 12:28, 12:29, 12:30, 12:31, 12:32, 12:33, 12:34, 12:35, 12:36, 12:37,
12:38, 12:39, 12:40, 12:41, 12:42, 12:43, 12:44, 12:45, 12:46, 12:47, 12:48, 12:49, 12:50, 12:51, 12:52, 12:53, 12:54, 12:55, 12:56,
12:57, 12:58, 12:59, 1:00, 1:01, 1:02, 1:03, 1:04, 1:05, 1:06, 1:07, 1:08, 1:09, 1:10, 1:11, 1:12, 1:13, 1:14, 1:15, 1:16, 1:17, 1:18,
1:19, 1:20, 1:21, 1:22, 1:23, 1:24, 1:25, 1:26, 1:27, 1:28, 1:29, 1:30, 1:31, 1:32, 1:33, 1:34, 1:35, 1:36, 1:37, 1:38, 1:39, 1:40,
1:41, 1:42, 1:43, 1:44, 1:45, 1:46, 1:47, 1:48, 1:49, 1:50, 1:51, 1:52, 1:53, 1:54, 1:55, 1:56, 1:57, 1:58, 1:59, 2:00, 2:01, 2:02,
2:03, 2:04, 2:05, 2:06, 2:07, 2:08, 2:09, 2:10, 2:11, 2:12, 2:13, 2:14, 2:15, 2:16, 2:17, 2:18, 2:19, 2:20, 2:21, 2:22, 2:23, 2:24,
2:25, 2:26, 2:27, 2:28, 2:29, 2:30, 2:31, 2:32, 2:33, 2:34, 2:35, 2:36, 2:37, 2:38, 2:39, 2:40, 2:41, 2:42, 2:43, 2:44, 2:45, 2:46,
2:47, 2:48, 2:49, 2:50, 2:51, 2:52, 2:53, 2:54, 2:55, 2:56, 2:57, 2:58, 2:59, 3:00, 3:01, 3:02, 3:03, 3:04, 3:05, 3:06, 3:07, 3:08,
3:09, 3:10, 3:11, 3:12, 3:13, 3:14, 3:15, 3:16, 3:17, 3:18, 3:19, 3:20, 3:21, 3:22, 3:23, 3:24, 3:25, 3:26, 3:27, 3:28, 3:29, 3:30,
3:31, 3:32, 3:33, 3:34, 3:35, 3:36, 3:37, 3:38, 3:39, 3:40, 3:41, 3:42, 3:43, 3:44, 3:45, 3:46, 3:47, 3:48, 3:49, 3:50, 3:51, 3:52,
3:53, 3:54, 3:55, 3:56, 3:57, 3:58, 3:59, 4:00, 4:01, 4:02, 4:03, 4:04, 4:05, 4:06, 4:07, 4:08, 4:09, 4:10, 4:11, 4:12, 4:13, 4:14,
4:15, 4:16, 4:17, 4:18, 4:19, 4:20, 4:21, 4:22, 4:23, 4:24, 4:25, 4:26, 4:27, 4:28, 4:29, 4:30, 4:31, 4:32, 4:33, 4:34, 4:35, 4:36,
4:37, 4:38, 4:39, 4:40, 4:41, 4:42, 4:43, 4:44, 4:45, 4:46, 4:47, 4:48, 4:49, 4:50, 4:51, 4:52, 4:53, 4:54, 4:55, 4:56, 4:57, 4:58,
4:59, 5:00, 5:01, 5:02, 5:03, 5:04, 5:05, 5:06, 5:07, 5:08, 5:09, 5:10, 5:11, 5:12, 5:13, 5:14, 5:15, 5:16, 5:17, 5:18, 5:19, 5:20,
5:21, 5:22, 5:23, 5:24, 5:25, 5:26, 5:27, 5:28, 5:29, 5:30, 5:31, 5:32, 5:33, 5:34, 5:35, 5:36, 5:37, 5:38, 5:39, 5:40, 5:41, 5:42,
5:43, 5:44, 5:45, 5:46, 5:47, 5:48, 5:49, 5:50, 5:51, 5:52, 5:53, 5:54, 5:55, 5:56, 5:57, 5:58, 5:59, 6:00, 6:01, 6:02, 6:03, 6:04,
6:05, 6:06, 6:07, 6:08, 6:09, 6:10, 6:11, 6:12, 6:13, 6:14, 6:15, 6:16, 6:17, 6:18, 6:19, 6:20, 6:21, 6:22, 6:23, 6:24, 6:25, 6:26,
6:27, 6:28, 6:29, 6:30, 6:31, 6:32, 6:33, 6:34, 6:35, 6:36, 6:37, 6:38, 6:39, 6:40, 6:41, 6:42, 6:43, 6:44, 6:45, 6:46, 6:47, 6:48,
6:49, 6:50, 6:51, 6:52, 6:53, 6:54, 6:55, 6:56, 6:57, 6:58, 6:59, 7:00, 7:01, 7:02, 7:03, 7:04, 7:05, 7:06, 7:07, 7:08, 7:09, 7:10,
7:11, 7:12, 7:13, 7:14, 7:15, 7:16, 7:17, 7:18, 7:19, 7:20, 7:21, 7:22, 7:23, 7:24, 7:25, 7:26, 7:27, 7:28, 7:29, 7:30, 7:31, 7:32,
7:33, 7:34, 7:35, 7:36, 7:37, 7:38, 7:39, 7:40, 7:41, 7:42, 7:43, 7:44, 7:45, 7:46, 7:47, 7:48, 7:49, 7:50, 7:51, 7:52, 7:53, 7:54,
7:55, 7:56, 7:57, 7:58, 7:59, 8:00, 8:01, 8:02, 8:03, 8:04, 8:05, 8:06, 8:07, 8:08, 8:09, 8:10, 8:11, 8:12, 8:13, 8:14, 8:15, 8:16,
8:17, 8:18, 8:19, 8:20, 8:21, 8:22, 8:23, 8:24, 8:25, 8:26, 8:27, 8:28, 8:29, 8:30, 8:31, 8:32, 8:33, 8:34, 8:35, 8:36, 8:37, 8:38,
8:39, 8:40, 8:41, 8:42, 8:43, 8:44, 8:45, 8:46, 8:47, 8:48, 8:49, 8:50, 8:51, 8:52, 8:53, 8:54, 8:55, 8:56, 8:57, 8:58, 8:59, 9:00,
9:01, 9:02, 9:03, 9:04, 9:05, 9:06, 9:07, 9:08, 9:09, 9:10, 9:11, 9:12, 9:13, 9:14, 9:15, 9:16, 9:17, 9:18, 9:19, 9:20, 9:21, 9:22,
9:23, 9:24, 9:25, 9:26, 9:27, 9:28, 9:29, 9:30, 9:31, 9:32, 9:33, 9:34, 9:35, 9:36, 9:37, 9:38, 9:39, 9:40, 9:41, 9:42, 9:43, 9:44,
9:45, 9:46, 9:47, 9:48, 9:49, 9:50, 9:51, 9:52, 9:53, 9:54, 9:55, 9:56, 9:57, 9:58, 9:59, 10:00, 10:01, 10:02, 10:03, 10:04, 10:05,
10:06, 10:07, 10:08, 10:09, 10:10, 10:11, 10:12, 10:13, 10:14, 10:15, 10:16, 10:17, 10:18, 10:19, 10:20, 10:21, 10:22, 10:23, 10:24,
10:25, 10:26, 10:27, 10:28, 10:29, 10:30, 10:31, 10:32, 10:33, 10:34, 10:35, 10:36, 10:37, 10:38, 10:39, 10:40, 10:41, 10:42, 10:43,
10:44, 10:45, 10:46, 10:47, 10:48, 10:49, 10:50, 10:51, 10:52, 10:53, 10:54, 10:55, 10:56, 10:57, 10:58, 10:59, 11:00, 11:01, 11:02,
11:03, 11:04, 11:05, 11:06, 11:07, 11:08, 11:09, 11:10, 11:11, 11:12, 11:13, 11:14, 11:15, 11:16, 11:17, 11:18, 11:19, 11:20, 11:21,
11:22, 11:23, 11:24, 11:25, 11:26, 11:27, 11:28, 11:29, 11:30, 11:31, 11:32, 11:33, 11:34, 11:35, 11:36, 11:37, 11:38, 11:39, 11:40,
11:41, 11:42, 11:43, 11:44, 11:45, 11:46, 11:47, 11:48, 11:49, 11:50, 11:51, 11:52, 11:53, 11:54, 11:55, 11:56, 11:57, 11:58, 11:59
720

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
12:00, 12:01, 12:02, 12:03, 12:04, 12:05, 12:06, 12:07, 12:08, 12:09, 12:10, 12:11, 12:12, 12:13, 12:14, 12:15, 12:16, 12:17, 12:18,
12:19, 12:20, 12:21, 12:22, 12:23, 12:24, 12:25, 12:26, 12:27, 12:28, 12:29, 12:30, 12:31, 12:32, 12:33, 12:34, 12:35, 12:36, 12:37,
12:38, 12:39, 12:40, 12:41, 12:42, 12:43, 12:44, 12:45, 12:46, 12:47, 12:48, 12:49, 12:50, 12:51, 12:52, 12:53, 12:54, 12:55, 12:56,
12:57, 12:58, 12:59, 1:00, 1:01, 1:02, 1:03, 1:04, 1:05, 1:06, 1:07, 1:08, 1:09, 1:10, 1:11, 1:12, 1:13, 1:14, 1:15, 1:16, 1:17, 1:18,
1:19, 1:20, 1:21, 1:22, 1:23, 1:24, 1:25, 1:26, 1:27, 1:28, 1:29, 1:30, 1:31, 1:32, 1:33, 1:34, 1:35, 1:36, 1:37, 1:38, 1:39, 1:40,
1:41, 1:42, 1:43, 1:44, 1:45, 1:46, 1:47, 1:48, 1:49, 1:50, 1:51, 1:52, 1:53, 1:54, 1:55, 1:56, 1:57, 1:58, 1:59, 2:00, 2:01, 2:02,
2:03, 2:04, 2:05, 2:06, 2:07, 2:08, 2:09, 2:10, 2:11, 2:12, 2:13, 2:14, 2:15, 2:16, 2:17, 2:18, 2:19, 2:20, 2:21, 2:22, 2:23, 2:24,
2:25, 2:26, 2:27, 2:28, 2:29, 2:30, 2:31, 2:32, 2:33, 2:34, 2:35, 2:36, 2:37, 2:38, 2:39, 2:40, 2:41, 2:42, 2:43, 2:44, 2:45, 2:46,
2:47, 2:48, 2:49, 2:50, 2:51, 2:52, 2:53, 2:54, 2:55, 2:56, 2:57, 2:58, 2:59, 3:00, 3:01, 3:02, 3:03, 3:04, 3:05, 3:06, 3:07, 3:08,
3:09, 3:10, 3:11, 3:12, 3:13, 3:14, 3:15, 3:16, 3:17, 3:18, 3:19, 3:20, 3:21, 3:22, 3:23, 3:24, 3:25, 3:26, 3:27, 3:28, 3:29, 3:30,
3:31, 3:32, 3:33, 3:34, 3:35, 3:36, 3:37, 3:38, 3:39, 3:40, 3:41, 3:42, 3:43, 3:44, 3:45, 3:46, 3:47, 3:48, 3:49, 3:50, 3:51, 3:52,
3:53, 3:54, 3:55, 3:56, 3:57, 3:58, 3:59, 4:00, 4:01, 4:02, 4:03, 4:04, 4:05, 4:06, 4:07, 4:08, 4:09, 4:10, 4:11, 4:12, 4:13, 4:14,
4:15, 4:16, 4:17, 4:18, 4:19, 4:20, 4:21, 4:22, 4:23, 4:24, 4:25, 4:26, 4:27, 4:28, 4:29, 4:30, 4:31, 4:32, 4:33, 4:34, 4:35, 4:36,
4:37, 4:38, 4:39, 4:40, 4:41, 4:42, 4:43, 4:44, 4:45, 4:46, 4:47, 4:48, 4:49, 4:50, 4:51, 4:52, 4:53, 4:54, 4:55, 4:56, 4:57, 4:58,
4:59, 5:00, 5:01, 5:02, 5:03, 5:04, 5:05, 5:06, 5:07, 5:08, 5:09, 5:10, 5:11, 5:12, 5:13, 5:14, 5:15, 5:16, 5:17, 5:18, 5:19, 5:20,
5:21, 5:22, 5:23, 5:24, 5:25, 5:26, 5:27, 5:28, 5:29, 5:30, 5:31, 5:32, 5:33, 5:34, 5:35, 5:36, 5:37, 5:38, 5:39, 5:40, 5:41, 5:42,
5:43, 5:44, 5:45, 5:46, 5:47, 5:48, 5:49, 5:50, 5:51, 5:52, 5:53, 5:54, 5:55, 5:56, 5:57, 5:58, 5:59, 6:00, 6:01, 6:02, 6:03, 6:04,
6:05, 6:06, 6:07, 6:08, 6:09, 6:10, 6:11, 6:12, 6:13, 6:14, 6:15, 6:16, 6:17, 6:18, 6:19, 6:20, 6:21, 6:22, 6:23, 6:24, 6:25, 6:26,
6:27, 6:28, 6:29, 6:30, 6:31, 6:32, 6:33, 6:34, 6:35, 6:36, 6:37, 6:38, 6:39, 6:40, 6:41, 6:42, 6:43, 6:44, 6:45, 6:46, 6:47, 6:48,
6:49, 6:50, 6:51, 6:52, 6:53, 6:54, 6:55, 6:56, 6:57, 6:58, 6:59, 7:00, 7:01, 7:02, 7:03, 7:04, 7:05, 7:06, 7:07, 7:08, 7:09, 7:10,
7:11, 7:12, 7:13, 7:14, 7:15, 7:16, 7:17, 7:18, 7:19, 7:20, 7:21, 7:22, 7:23, 7:24, 7:25, 7:26, 7:27, 7:28, 7:29, 7:30, 7:31, 7:32,
7:33, 7:34, 7:35, 7:36, 7:37, 7:38, 7:39, 7:40, 7:41, 7:42, 7:43, 7:44, 7:45, 7:46, 7:47, 7:48, 7:49, 7:50, 7:51, 7:52, 7:53, 7:54,
7:55, 7:56, 7:57, 7:58, 7:59, 8:00, 8:01, 8:02, 8:03, 8:04, 8:05, 8:06, 8:07, 8:08, 8:09, 8:10, 8:11, 8:12, 8:13, 8:14, 8:15, 8:16,
8:17, 8:18, 8:19, 8:20, 8:21, 8:22, 8:23, 8:24, 8:25, 8:26, 8:27, 8:28, 8:29, 8:30, 8:31, 8:32, 8:33, 8:34, 8:35, 8:36, 8:37, 8:38,
8:39, 8:40, 8:41, 8:42, 8:43, 8:44, 8:45, 8:46, 8:47, 8:48, 8:49, 8:50, 8:51, 8:52, 8:53, 8:54, 8:55, 8:56, 8:57, 8:58, 8:59, 9:00,
9:01, 9:02, 9:03, 9:04, 9:05, 9:06, 9:07, 9:08, 9:09, 9:10, 9:11, 9:12, 9:13, 9:14, 9:15, 9:16, 9:17, 9:18, 9:19, 9:20, 9:21, 9:22,
9:23, 9:24, 9:25, 9:26, 9:27, 9:28, 9:29, 9:30, 9:31, 9:32, 9:33, 9:34, 9:35, 9:36, 9:37, 9:38, 9:39, 9:40, 9:41, 9:42, 9:43, 9:44,
9:45, 9:46, 9:47, 9:48, 9:49, 9:50, 9:51, 9:52, 9:53, 9:54, 9:55, 9:56, 9:57, 9:58, 9:59, 10:00, 10:01, 10:02, 10:03, 10:04, 10:05,
10:06, 10:07, 10:08, 10:09, 10:10, 10:11, 10:12, 10:13, 10:14, 10:15, 10:16, 10:17, 10:18, 10:19, 10:20, 10:21, 10:22, 10:23, 10:24,
10:25, 10:26, 10:27, 10:28, 10:29, 10:30, 10:31, 10:32, 10:33, 10:34, 10:35, 10:36, 10:37, 10:38, 10:39, 10:40, 10:41, 10:42, 10:43,
10:44, 10:45, 10:46, 10:47, 10:48, 10:49, 10:50, 10:51, 10:52, 10:53, 10:54, 10:55, 10:56, 10:57, 10:58, 10:59, 11:00, 11:01, 11:02,
11:03, 11:04, 11:05, 11:06, 11:07, 11:08, 11:09, 11:10, 11:11, 11:12, 11:13, 11:14, 11:15, 11:16, 11:17, 11:18, 11:19, 11:20, 11:21,
11:22, 11:23, 11:24, 11:25, 11:26, 11:27, 11:28, 11:29, 11:30, 11:31, 11:32, 11:33, 11:34, 11:35, 11:36, 11:37, 11:38, 11:39, 11:40,
11:41, 11:42, 11:43, 11:44, 11:45, 11:46, 11:47, 11:48, 11:49, 11:50, 11:51, 11:52, 11:53, 11:54, 11:55, 11:56, 11:57, 11:58, 11:59
BUT!

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
12:00, 12:01, 12:02, 12:03, 12:04, 12:05, 12:06, 12:07, 12:08, 12:09, 12:10, 12:11, 12:12, 12:13, 12:14, 12:15, 12:16, 12:17, 12:18,
12:19, 12:20, 12:21, 12:22, 12:23, 12:24, 12:25, 12:26, 12:27, 12:28, 12:29, 12:30, 12:31, 12:32, 12:33, 12:34, 12:35, 12:36, 12:37,
12:38, 12:39, 12:40, 12:41, 12:42, 12:43, 12:44, 12:45, 12:46, 12:47, 12:48, 12:49, 12:50, 12:51, 12:52, 12:53, 12:54, 12:55, 12:56,
12:57, 12:58, 12:59, 1:00, 1:01, 1:02, 1:03, 1:04, 1:05, 1:06, 1:07, 1:08, 1:09, 1:10, 1:11, 1:12, 1:13, 1:14, 1:15, 1:16, 1:17, 1:18,
1:19, 1:20, 1:21, 1:22, 1:23, 1:24, 1:25, 1:26, 1:27, 1:28, 1:29, 1:30, 1:31, 1:32, 1:33, 1:34, 1:35, 1:36, 1:37, 1:38, 1:39, 1:40,
1:41, 1:42, 1:43, 1:44, 1:45, 1:46, 1:47, 1:48, 1:49, 1:50, 1:51, 1:52, 1:53, 1:54, 1:55, 1:56, 1:57, 1:58, 1:59, 2:00, 2:01, 2:02,
2:03, 2:04, 2:05, 2:06, 2:07, 2:08, 2:09, 2:10, 2:11, 2:12, 2:13, 2:14, 2:15, 2:16, 2:17, 2:18, 2:19, 2:20, 2:21, 2:22, 2:23, 2:24,
2:25, 2:26, 2:27, 2:28, 2:29, 2:30, 2:31, 2:32, 2:33, 2:34, 2:35, 2:36, 2:37, 2:38, 2:39, 2:40, 2:41, 2:42, 2:43, 2:44, 2:45, 2:46,
2:47, 2:48, 2:49, 2:50, 2:51, 2:52, 2:53, 2:54, 2:55, 2:56, 2:57, 2:58, 2:59, 3:00, 3:01, 3:02, 3:03, 3:04, 3:05, 3:06, 3:07, 3:08,
3:09, 3:10, 3:11, 3:12, 3:13, 3:14, 3:15, 3:16, 3:17, 3:18, 3:19, 3:20, 3:21, 3:22, 3:23, 3:24, 3:25, 3:26, 3:27, 3:28, 3:29, 3:30,
3:31, 3:32, 3:33, 3:34, 3:35, 3:36, 3:37, 3:38, 3:39, 3:40, 3:41, 3:42, 3:43, 3:44, 3:45, 3:46, 3:47, 3:48, 3:49, 3:50, 3:51, 3:52,
3:53, 3:54, 3:55, 3:56, 3:57, 3:58, 3:59, 4:00, 4:01, 4:02, 4:03, 4:04, 4:05, 4:06, 4:07, 4:08, 4:09, 4:10, 4:11, 4:12, 4:13, 4:14,
4:15, 4:16, 4:17, 4:18, 4:19, 4:20, 4:21, 4:22, 4:23, 4:24, 4:25, 4:26, 4:27, 4:28, 4:29, 4:30, 4:31, 4:32, 4:33, 4:34, 4:35, 4:36,
4:37, 4:38, 4:39, 4:40, 4:41, 4:42, 4:43, 4:44, 4:45, 4:46, 4:47, 4:48, 4:49, 4:50, 4:51, 4:52, 4:53, 4:54, 4:55, 4:56, 4:57, 4:58,
4:59, 5:00, 5:01, 5:02, 5:03, 5:04, 5:05, 5:06, 5:07, 5:08, 5:09, 5:10, 5:11, 5:12, 5:13, 5:14, 5:15, 5:16, 5:17, 5:18, 5:19, 5:20,
5:21, 5:22, 5:23, 5:24, 5:25, 5:26, 5:27, 5:28, 5:29, 5:30, 5:31, 5:32, 5:33, 5:34, 5:35, 5:36, 5:37, 5:38, 5:39, 5:40, 5:41, 5:42,
5:43, 5:44, 5:45, 5:46, 5:47, 5:48, 5:49, 5:50, 5:51, 5:52, 5:53, 5:54, 5:55, 5:56, 5:57, 5:58, 5:59, 6:00, 6:01, 6:02, 6:03, 6:04,
6:05, 6:06, 6:07, 6:08, 6:09, 6:10, 6:11, 6:12, 6:13, 6:14, 6:15, 6:16, 6:17, 6:18, 6:19, 6:20, 6:21, 6:22, 6:23, 6:24, 6:25, 6:26,
6:27, 6:28, 6:29, 6:30, 6:31, 6:32, 6:33, 6:34, 6:35, 6:36, 6:37, 6:38, 6:39, 6:40, 6:41, 6:42, 6:43, 6:44, 6:45, 6:46, 6:47, 6:48,
6:49, 6:50, 6:51, 6:52, 6:53, 6:54, 6:55, 6:56, 6:57, 6:58, 6:59, 7:00, 7:01, 7:02, 7:03, 7:04, 7:05, 7:06, 7:07, 7:08, 7:09, 7:10,
7:11, 7:12, 7:13, 7:14, 7:15, 7:16, 7:17, 7:18, 7:19, 7:20, 7:21, 7:22, 7:23, 7:24, 7:25, 7:26, 7:27, 7:28, 7:29, 7:30, 7:31, 7:32,
7:33, 7:34, 7:35, 7:36, 7:37, 7:38, 7:39, 7:40, 7:41, 7:42, 7:43, 7:44, 7:45, 7:46, 7:47, 7:48, 7:49, 7:50, 7:51, 7:52, 7:53, 7:54,
7:55, 7:56, 7:57, 7:58, 7:59, 8:00, 8:01, 8:02, 8:03, 8:04, 8:05, 8:06, 8:07, 8:08, 8:09, 8:10, 8:11, 8:12, 8:13, 8:14, 8:15, 8:16,
8:17, 8:18, 8:19, 8:20, 8:21, 8:22, 8:23, 8:24, 8:25, 8:26, 8:27, 8:28, 8:29, 8:30, 8:31, 8:32, 8:33, 8:34, 8:35, 8:36, 8:37, 8:38,
8:39, 8:40, 8:41, 8:42, 8:43, 8:44, 8:45, 8:46, 8:47, 8:48, 8:49, 8:50, 8:51, 8:52, 8:53, 8:54, 8:55, 8:56, 8:57, 8:58, 8:59, 9:00,
9:01, 9:02, 9:03, 9:04, 9:05, 9:06, 9:07, 9:08, 9:09, 9:10, 9:11, 9:12, 9:13, 9:14, 9:15, 9:16, 9:17, 9:18, 9:19, 9:20, 9:21, 9:22,
9:23, 9:24, 9:25, 9:26, 9:27, 9:28, 9:29, 9:30, 9:31, 9:32, 9:33, 9:34, 9:35, 9:36, 9:37, 9:38, 9:39, 9:40, 9:41, 9:42, 9:43, 9:44,
9:45, 9:46, 9:47, 9:48, 9:49, 9:50, 9:51, 9:52, 9:53, 9:54, 9:55, 9:56, 9:57, 9:58, 9:59, 10:00, 10:01, 10:02, 10:03, 10:04, 10:05,
10:06, 10:07, 10:08, 10:09, 10:10, 10:11, 10:12, 10:13, 10:14, 10:15, 10:16, 10:17, 10:18, 10:19, 10:20, 10:21, 10:22, 10:23, 10:24,
10:25, 10:26, 10:27, 10:28, 10:29, 10:30, 10:31, 10:32, 10:33, 10:34, 10:35, 10:36, 10:37, 10:38, 10:39, 10:40, 10:41, 10:42, 10:43,
10:44, 10:45, 10:46, 10:47, 10:48, 10:49, 10:50, 10:51, 10:52, 10:53, 10:54, 10:55, 10:56, 10:57, 10:58, 10:59, 11:00, 11:01, 11:02,
11:03, 11:04, 11:05, 11:06, 11:07, 11:08, 11:09, 11:10, 11:11, 11:12, 11:13, 11:14, 11:15, 11:16, 11:17, 11:18, 11:19, 11:20, 11:21,
11:22, 11:23, 11:24, 11:25, 11:26, 11:27, 11:28, 11:29, 11:30, 11:31, 11:32, 11:33, 11:34, 11:35, 11:36, 11:37, 11:38, 11:39, 11:40,
11:41, 11:42, 11:43, 11:44, 11:45, 11:46, 11:47, 11:48, 11:49, 11:50, 11:51, 11:52, 11:53, 11:54, 11:55, 11:56, 11:57, 11:58, 11:59
• Session started at 4:00 pm PDT
• That was on slide #23
• If you timed my rehearsals…

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
11
random?
What makes a number

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
2, 4, 6, 8, __
10

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
1337, 42, 0, _
?

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
1337, 42, 0,
1337, 42, 0,
1337, __
42

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
Random?
What is isn’t
Deterministic

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
“True” Random
Measurement of atmospheric noise
Count of the number of electrons
coming off of a radioactive material

View Slide

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
Can I haz
random number?

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
*sigh* Take this.
42

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
0

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
2,4,8,
7,5,1
?

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
Number Generator
…or “PRNG” for short
Pseudorandom

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
Pseudorandom?
How’s that different than just random?
Deterministic

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
2,4,8,
7,5,1
Generator
Linear Congruential

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
Generator
Linear Congruential

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
The modulus
The multiplier
The increment
The seed

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
2,4,8,
7,5,

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
2,4,8,
7,5,
Deterministic

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
https://xkcd.com/221/

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
8,7,5,
1,2,

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
1,2,4,
8,7,
BUT!

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18

View Slide

5,1,2,4,8,7,5,
1,2,4,8,7,5,1,
2,4,8,7,5,1,2,
4,8,7,5,1,2,4,
8,7,5,1,2,4,8,
7,5,1,2,4,
Predictable
Period: 6

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
LCG
lcg_value()
PHP has a combined

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
PRNG?
Is there a better

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
Twister
Mersenne
mt_rand()

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18

View Slide

mt_rand()
724937621,955931554,1407935661,821438740,109344
9922,603009103,1540988686,1028238631,798475733,
1057939018,671583233,1853117923,98760648,112245
3373,534404057,900958085,1712824654,476385742,2
9956470,362833620,424798798,746223917,942003531
,320462445,673296853,1351199651,141566289,16454
09515,995047403,1216151582,1115999460,175322091
7,1312071810,1553254094,1622498991,2080099801,1
704834715,1537620663,1357630828,1317892558,
219,937-1

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18

View Slide

mt_rand(0,99)
83,9,64,28,62,48,83,47,46,53,37,26,21,91,61,32,58,1,89,60,65,97,42,56,6,47,76,1
2,98,11,36,61,62,60,43,67,6,16,73,15,39,38,56,19,66,56,98,72,91,24,57,94,8,26,7
3,55,17,14,84,89,39,11,13,48,71,98,89,63,9,95,74,9,81,85,97,24,14,14,77,22,96,4
3,61,91,61,58,19,71,8,49,18,92,38,34,9,36,91,59,14,4,58,59,29,74,52,41,36,67,82
,67,11,0,58,51,37,4,45,56,35,50,78,91,27,39,80,27,28,95,2,82,51,72,27,41,43,74,
7,82,59,89,72,9,22,61,75,27,64,16,77,57,31,29,59,47,14,67,89,33,94,33,94,22,11,
62,9,13,61,45,78,29,3,11,99,91,52,79,63,64,43,99,53,22,16,10,53,57,15,84,16,30,
17,10,3,35,0,45,83,11,70,66,37,14,59,41,46,52,53,53,62,56,41,82,40,99,8,92,96,2
2,22,43,35,60,45,77,26,96,45,51,62,77,64,23,52,17,17,97,93,57,43,56,45,62,42,24
,62,1,59,38,70,13,34,32,48,47,1,42,48,18,2,59,47,53,10,3,66,68,93,4,53,85,20,77
,63,43,45,16,15,77,73,89,11,64,76,30,46,91,1,85,96,19,63,70,62,35,58,95,63,38,7
8,83,8,97,22,2,28,51,25,29,98,62,74,59,95,79,74,66,47,35,83,56,49,25,32,25,46,1
3,69,77,30,94,24,31,68,23,64,47,28,33,65,69,16,0,98,37,85,93,60,24,10,54,50,42,
64,11,9,13,15,84,3,23,73,83,83,72,9,2,28,23,90,73,2,47,45,93,4,32,25,75,61,98,7
3,79,66,23,20,83,11,45,67,40,39,45,0,65,40,78,74,8,79,86,38,10,87,60,99,30,35,5
0,16,29,24,19,29,16,40,57,87,26,90,1,63,63,34,44,8,36,25,38,50,10,15,17,14,40,6
,53,88,18,36,46,69,2,13,0,83,59,92,59,34,34,24,40,99,41,6,79,65,98,9,36,31,8,4,
89,98,91,80,42,10,26,72,40,50,39,25,33,45,24,70,54,89,91,53,23,12,20,40,21,25,5
5,48,11,3,84,42,5,7,21,58,85,18,52,92,94,69,20,49,3,8,55,57,4,38,52,37,64,55,82
,98,5,75,84,35,14,99,74,23,41,69,55,53,22,52,6,68,35,38,73,52,22,52,86,79,15,38
,3,20,99,36,23,77,33,80,16,97,54,88,11,77,77,99,70,26,5,75,87,4,23,8,50,79,61,5
5,80,25,58,79,25,56,9,81,6,42,27,90,58,6,62,74,25,79,81,61,23,54,92,53,16,66,22
,49,77,97,84,25,49,32,49,65,51,1,93,63,68,69,67,10,44,99,44,42,89,35,24,
624 = busted

View Slide

echo mt_rand(0,99);
11

View Slide

echo mt_rand(0,99);
9

View Slide

echo mt_rand(0,99);
60

View Slide

mt_srand(10);
echo mt_rand(0,99);
21

View Slide

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
Good
randomness can be
Deterministic
(e.g. games)

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
AKA “Seed”

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
deterministic randomness is
contexts
In cryptographic
really, really, really, really
objectively…

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
BAD

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
CSRF
Take for example
Tokens

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
Cross-site request forgery
(CSRF) tokens help prevent
unauthorized requests on
a user’s behalf.

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
A CSRF token must be
unique and unpredictable.
*don’t do this

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
I’ll just let PHP seed
mt_rand() for me.
Bad idea jeans
*Old SNL skit reference

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
What about
rand()
you ask?

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
Nope

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
rand()
mt_rand()
…in PHP 7.0 & below

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
rand()
Uses the system PRNG
(unreliable & inconsistent)
Is a PRNG (totes predictable)
Uniform distribution issues

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
Uniform
Distribution

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
0
0.05
0.1
0.15
0.2
1 2 3 4 5 6

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
0
0.1
0.2
0.3
0.4
1 2 3 4 5 6

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
Uniform Distribution
==
True Random

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
mt_rand()
Implements the MT algorithm
incorrectly
Has a modulo bias

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
Modulo
Bias

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
6 % 3 = 0
8 % 3 = 2
Modulo Operator

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
Random # between 0 & 1
n % 2 = 0 or 1
Use mod 2

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
rand_src() = 1, 2, or 3
2 % 2 = 0
3 % 2 = 1
1 is
more likely
1 % 2 = 1

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
rand()
mt_rand()
…in PHP 7.1 & above

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
mt_rand()
Fixes bug in MT algorithm
implementation

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
They’re totes
samezies!
rand() mt_rand()
===

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
rand() mt_rand()
Both suffer from
modulo bias
&

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
Seeds aren’t
impossible to predict

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
Entropy
*Could be it’s own talk

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
A measure of how
accurately we’re able
to predict the next
value in a sequence.*
* oversimpliﬁcation

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
High
entropy
harder
to predict
Low
entropy
easier
to predict

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
High
entropy
harder
to predict Good for random
number generation

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
Cryptographically
Pseudorandom
Secure
Number Generator

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
CSPRNG
or…

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
“See Spring”
or…

View Slide

Unicorn
Magical

View Slide

Uses seeds
that are really
really
really
really
ridiculously
hard to guess

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
High
Entropy
wee!

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
impossible
It’s values are
to predict in practice
42
82

Suitable for use in
cryptographic contexts.

View Slide

mythical
Where can we ﬁnd this
creature?

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
CSPRNG
options in
5.x

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
openssl_random_pseudo_bytes()
mcrypt_create_iv()
/dev/urandom

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
TAKE_
to_live
TAKE_
to_lie

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
TAKE_
to_lie
5.6.11

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
5.6.12
TAKE_
to_live

View Slide

Fails
open

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
FALSE
Can return

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
empty string
Can be

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
Still not done!

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
WRONG
Easy to get

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
Worse
It gets

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
Since the UNIX fork() system call
duplicates the entire process state, a
random number generator which does not
take this issue into account will produce
the same sequence of random numbers in
both the parent and the child […], leading to
cryptographic disaster…
https://wiki.openssl.org/index.php/Random_fork-safety

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
OpenSSL’s
be like
42
CSPRNG
82

82

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
OpenSSL cannot ﬁx the fork-safety
problem because its not in a position
to do so. However, there are [solutions]
available and they are listed below.

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
Don't use
RAND_bytes

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
Instead, you can read directly from
/dev/random, /dev/urandom or
/dev/srandom; or use CryptGenRandom
on Windows systems.

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
Status update!
v1.1.1
(2018-09-11)

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
mcrypt_create_iv()
/dev/urandom

View Slide

Fails
open

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
/dev/urandom
mcrypt_create_iv()

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
open_basedir=/foo/dir

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
mcrypt_create_iv()
/dev/urandom

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
CSPRNG
New goodness
7

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
CSPRNG
random_int()
random_bytes()

View Slide

random_int(0,99)
6,17,6,9,17,53,58,98,46,44,62,9,76,65,46,21,42,5,65,34,11,96,85,7,46,89,98,9,9,
80,8,76,87,18,24,68,16,61,27,39,30,32,4,83,83,23,96,27,13,47,6,99,16,40,2,75,27
,3,79,68,75,60,50,70,63,17,75,29,79,57,9,48,18,86,95,25,40,52,20,86,6,48,94,27,
76,14,9,27,62,14,68,58,12,18,63,19,84,47,7,13,63,28,66,55,2,75,44,92,11,85,51,1
7,42,57,22,4,53,7,3,76,48,55,95,7,45,33,87,36,11,17,66,6,46,87,57,48,22,31,65,5
,26,10,47,82,97,74,25,32,63,60,29,53,13,24,56,54,52,86,67,4,94,35,48,73,35,45,2
4,74,74,83,49,70,41,49,20,60,29,49,30,35,38,63,4,86,72,97,26,22,36,95,59,94,24,
89,73,46,14,73,51,93,93,39,13,80,9,30,24,20,30,63,20,64,97,29,7,2,82,96,42,61,5
3,28,49,12,90,71,58,72,63,49,32,69,76,50,62,88,31,26,72,79,19,15,3,39,27,80,16,
65,62,53,82,59,23,85,95,41,68,86,3,92,76,91,88,12,20,96,14,35,50,94,24,23,44,55
,78,65,81,7,1,86,32,58,46,97,43,78,9,51,1,6,79,73,49,13,40,21,90,14,9,70,95,88,
37,85,14,7,29,42,55,81,46,39,41,45,81,11,93,26,89,4,98,35,30,36,74,97,18,85,97,
23,52,64,88,20,89,12,25,19,21,21,50,60,50,43,84,1,52,5,19,2,86,38,51,48,30,55,9
0,93,97,52,84,29,58,96,78,37,24,14,72,81,9,82,26,83,83,17,35,15,9,87,95,51,71,4
8,9,45,13,61,98,3,18,96,99,28,74,47,58,71,89,68,57,51,86,90,38,21,72,72,30,22,1
3,88,25,48,45,62,59,81,32,10,54,82,60,90,17,98,41,73,98,60,22,99,66,32,41,82,62
,91,3,85,91,21,17,98,19,48,50,24,67,3,14,62,55,35,99,95,83,76,12,51,77,61,24,24
,60,15,31,47,24,27,97,98,70,6,24,25,20,23,67,72,55,47,19,53,50,38,22,76,37,63,8
2,67,52,3,75,84,84,71,49,79,26,89,11,77,55,92,32,81,38,23,54,9,40,80,75,20,7,58
,37,72,75,59,46,32,41,82,90,72,59,5,42,2,94,44,44,4,15,37,29,24,10,51,18,8,42,5
6,9,68,31,99,7,77,59,8,74,80,11,15,93,81,5,72,44,49,39,25,4,18,98,0,93,42,78,36
,57,47,16,49,2,85,6,31,17,81,10,54,40,95,68,31,80,29,41,86,32,9,58,96,62,79,25,
6,45,56,54,0,61,74,90,12,34,11,56,3,41,39,84,32,30,42,81,36,43,5,

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
bin2hex(random_bytes(16))
f7f5289027cb6c5116d
2d3cc78e5819c

View Slide

Fails
Closed

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
You’re not strong until
you’re crypto-strong!

View Slide

CSPRNG
under the hood

View Slide

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
On Windows: CryptGenRandom
On BSD: arc4random_buf()
On Linux: getrandom(2) syscall
Read directly from /dev/urandom

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
/dev/urandom
So what is this
thing?

View Slide

/dev/urandom
Gathers environmental noise
from the system like…
…device drivers, inter-keyboard
timings, inter-interrupt timings
from some interrupts, and
other events which are both
(a) non-deterministic and
(b) hard for an outside
observer to measure.
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/drivers/char/random.c

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
CSPRNG
random_bytes()
random_int()
7
/dev/urandom
Powered by

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
Still on 5.x?
paragonie/random_compat
Polyﬁll for PHP 7 CSPRNG

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
http://php.net/supported-versions.php
5.6 EOL in 75 days

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
http://php.net/supported-versions.php
7.0 EOL in 47 days

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
FAQ’s

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
Benchmarks*
* are lies

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
If random_bytes()
random_int() are…
…why not
update
mt_rand()

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
TL;DR
Never use LCG, MT, or any other PRNG in
cryptographic contexts
Only use a CSPRNG like
/dev/urandom for crypto
Use random_bytes() & random_int() in
PHP (or install paragonie/random_compat)

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
More Resources

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
Recommendation for the
Entropy Sources Used for
Random Bit Generation
Final Draft - NIST SP 800-90B
https://csrc.nist.gov/publications/detail/sp/800-90b/ﬁnal

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
New & improved man pages for
/dev/urandom
http://man7.org/linux/man-pages/man7/random.7.html

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
Myths about
/dev/urandom
Thomas Hühn
https://www.2uo.de/myths-about-urandom/
With pretty pictures!

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
Cracking Random Number Generators
Three-part blog post series
James Roper
https://jazzy.id.au/2010/09/20/cracking_random_number_generators_part_1.html

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
How I Met Your Girlfriend
DEF CON 18
Samy Kamkar
https://www.youtube.com/watch?v=fWk_rMQiDGc

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
Weak RNG in PHP session ID generation
leads to session hijacking
Andreas Bogk
http://seclists.org/fulldisclosure/2010/Mar/519

View Slide

joind.in/talk/0e3b7
@SammyK #zcoe18
Sammy Kaye Powers
Thanks!
/talk/0e3b7
@SammyK
SammyK.me
Host of @PHPRoundtable

View Slide

Let's get random: Under the hood of PHP 7's CSPRNG - ZendCon & OpenEnterprise 2018

Let's get random: Under the hood of PHP 7's CSPRNG - ZendCon & OpenEnterprise 2018

Sammy Kaye Powers

More Decks by Sammy Kaye Powers

Other Decks in Programming

Featured

Transcript