From: Paul L. <pa...@sq...> - 2008-08-21 11:18:09

On Thu, Aug 21, 2008 at 3:12 AM, Thijs Kinkhorst <ki...@sq...> wrote:
> Hey all,
>
> I've reviewed the seeding of the random number generator we do within
> SquirrelMail and have found the following points:
>
> 1) The mail_fetch function uses not so secure seeding of srand().
>
> However, the encryption used there is advertised as insecure anyway. I
> wonder whether we should not just remove that feature altogether.
> Trivially cracked encryption can be worse than no encryption because the
> effect is the same for an attacker but it may create some sense of
> security. What value does the function add if it's trivially cracked?

OTOH, as long as admins know it is weak, then we've done our part, and having the weak algorithm does discourage amateur hackers. What about replacing with a known better algorithm? Isn't there somewhere we are using something better?

> 2) php_combined_lcg() in global.php seeds the random number generator in a
> not so secure fashion.
>
> I believe we should just rip out this seeding and replace it with a call
> to sq_mt_randomize() instead so we have this code only in one place.

Sure, seems OK. It was probably put there because that section is a direct rip (apparently) from Gallery.

> 3) The behaviour of sq_mt_randomize() itself needs to be reviewed.
>
> We currently re-seed it with several unpredictable values. We need to find
> out whether re-seeding it actually adds randomness or just 'resets' the
> thing so only the last one is useful.
>
> PHP doesn't require seeding for versions 4.2 and up, but the PHP
> implementation is reportedly limited in randomness unfortunately. The
> newest suhosin patch is supposed to address that.
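The question raised in point 3 (does re-seeding several times add randomness, or does each call just reset the generator?), as an added Python example that is not code from this thread or from SquirrelMail: Python's random.Random is the same MT19937 generator as PHP's mt_rand(), and, like mt_srand(), every seed() call reinitialises the whole state from that one value, so only the last of several consecutive seeds has any effect; hashing all the values into a single seed is one way to make each one count. The seed values are constructed.

```python
import hashlib
import random


def sequence_after_reseeding(seeds, n=5):
    """Seed the generator once per value, in order, the way a loop of
    repeated mt_srand() calls would, then draw n 32-bit outputs.
    Each seed() call throws away the previous state entirely."""
    rng = random.Random()
    for s in seeds:
        rng.seed(s)  # reinitialises MT19937 from this single value
    return [rng.getrandbits(32) for _ in range(n)]


def sequence_after_last_seed_only(seeds, n=5):
    """Reference: seed exactly once, with the final value."""
    rng = random.Random()
    rng.seed(seeds[-1])
    return [rng.getrandbits(32) for _ in range(n)]


def sequence_after_mixing(seeds, n=5):
    """Fold every value into one seed by hashing, then seed once.
    Now a change in any input changes the output stream. Note that
    hashing does not create entropy: if the inputs are guessable
    (time, pid), the combined seed is still guessable."""
    h = hashlib.sha256()
    for s in seeds:
        h.update(repr(s).encode())
    rng = random.Random()
    rng.seed(int.from_bytes(h.digest()[:8], "big"))
    return [rng.getrandbits(32) for _ in range(n)]


if __name__ == "__main__":
    # Constructed stand-ins for "several unpredictable values":
    # a timestamp, a process id, and a microtime()-style string.
    seeds = [1219317129, 4242, "0.37182600 1219317129"]
    assert sequence_after_reseeding(seeds) == sequence_after_last_seed_only(seeds)
    print("repeated reseeding == last seed only:", True)
    print("mixed seed stream:", sequence_after_mixing(seeds))
```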