Re: Generate a random string (email verification etc), need hash
Posted: Fri Jan 08, 2010 12:02 pm
by batfastad
Perfect, thanks
Thought I better get that confirmed before I started hammering through this project
Cheers, B
Re: Generate a random string (email verification etc), need hash
Posted: Sat Jan 09, 2010 4:20 am
by kaisellgren
microtime() is not an always-incrementing value, and it gives us a strength of 19.93 bits.
The two suggestions "hashing user's email" and "using microtime" are bad. batfastad's threat model here is hardly a collision. What he wants is to ensure that no one can predict the secret hex number he sent to the user's email. The best way would be to gather strong random data and encode it.
batfastad wrote: If I'm getting strong random from /dev/urandom (way stronger than uniqid(mt_rand())), then I shouldn't need to hash it.
Right?
Yes. You can just encode it with bin2hex(), for instance. Hashing here does not make any sense at all. It's only useful in situations like when you use mt_rand(), because otherwise you would leak the state of your random number generator. In the case of /dev/urandom, the generator is clearly seeded with unpredictable data (with information that requires at least hardware and system access in order to be possible to predict, although still laborious) and thus you will not leak the state.
Re: Generate a random string (email verification etc), need hash
Posted: Sat Jan 09, 2010 4:59 am
by Apollo
One reason I would still prefer something like sha1(time().uniqid(mt_rand(),true)) is that it's platform independent. The /dev/urandom method won't work on Windows machines.
Re: Generate a random string (email verification etc), need hash
Posted: Sat Jan 09, 2010 5:14 am
by kaisellgren
That is right. I'm developing a PHP security library for these kinds of reasons. Fortunately, the library is pretty much platform independent.

Re: Generate a random string (email verification etc), need hash
Posted: Sat Jan 09, 2010 5:19 am
by batfastad
Apollo wrote: One reason I would still prefer something like sha1(time().uniqid(mt_rand(),true)) is that it's platform independent. The /dev/urandom method won't work on Windows machines.
Yeah that's true. I've written a function which uses that if /dev/urandom can't be opened.
However, our websites would never be hosted on Windows for a variety of other reasons. Always best to do things cross-platform when possible though.
Thanks for the further info Kai

Look forward to checking out a security library if you release it
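Putting the thread's two points together, here is an added example (not batfastad's function and not kaisellgren's library): read raw bytes from /dev/urandom and bin2hex() them with no hashing, falling back to the sha1(time().uniqid(mt_rand(),true)) form only when /dev/urandom cannot be opened, plus a constant-time comparison for when the emailed token comes back. The function names are this example's own.

```php
<?php
// Added example: an email-verification token that is unpredictable rather
// than merely unique. Preferred path: the kernel CSPRNG via /dev/urandom,
// hex-encoded as kaisellgren suggests. The output needs no hashing because
// the bytes reveal no generator state an attacker could extrapolate from.
function verification_token($bytes = 16)
{
    // @ suppresses the warning on platforms with no /dev/urandom (Windows).
    $fh = @fopen('/dev/urandom', 'rb');
    if ($fh !== false) {
        $raw = fread($fh, $bytes);
        fclose($fh);
        // Insist on a full read: a short read would silently shrink entropy.
        if ($raw !== false && strlen($raw) === $bytes) {
            return bin2hex($raw);            // 16 bytes -> 32 hex chars, 128 bits
        }
    }
    // Fallback (weaker, as the thread notes): time(), uniqid() and mt_rand()
    // are not cryptographic sources. The sha1() only hides the PRNG state
    // from the recipient; it does not add entropy. Use only where the
    // kernel CSPRNG is unreachable.
    return sha1(time() . uniqid(mt_rand(), true));
}

// When the user clicks the emailed link, compare the presented token with
// the stored one in constant time so the comparison does not leak how many
// leading characters matched. hash_equals() exists since PHP 5.6.
function token_matches($stored, $presented)
{
    if (!is_string($stored) || !is_string($presented)) {
        return false;
    }
    return hash_equals($stored, $presented);
}

// Constructed usage: issue a token, store it server-side, later verify it.
$token = verification_token();
var_dump(strlen($token) === 32 || strlen($token) === 40); // urandom vs fallback
var_dump(token_matches($token, $token));                 // true
var_dump(token_matches($token, strrev($token)));         // false
```

On PHP 7 and later, random_bytes($bytes) replaces the fopen()/fread() block above and raises an exception instead of falling through when no CSPRNG is available.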
