Secure random number generation in PHP

by

I strongly recommend targeting /dev/urandom on unix systems or the crypto-api on the windows platform as an entropy source for passwords.

I can’t stress enough the importance of realizing hashes are NOT magical entropy increasing devices. Misusing them in this manner is no more secure than using the seed and rand() data before it had been hashed and I’m sure you recognize that is not a good idea. The seed cancels out (deterministic mt_rand()) and so there is no point at all in even including it.

People think they are being smart and clever and the result of their labor are fragile systems and devices which put the security of their systems and the security of other systems (via poor advice) in unecessary jeopardy.

Two wrongs don’t make a right. A system is only as strong as its weakest part. This is not a license or excuse to accept making even more of it insecure.

Here is some PHP code to obtain a secure random 128-bit string, from this comment at php.net by Mark Seecof:

“If you need some pseudorandom bits for security or cryptographic purposes (e.g.g., random IV for block cipher, random salt for password hash) mt_rand() is a poor source. On most Unix/Linux and/or MS-Windows platforms you can get a better grade of pseudorandom bits from the OS or system library, like this:

<?php
// get 128 pseudorandom bits in a string of 16 bytes

$pr_bits="";

// Unix/Linux platform?
$fp = @fopen('/dev/urandom','rb');
if ($fp !== FALSE) {
    $pr_bits .= @fread($fp,16);
    @fclose($fp);
}

// MS-Windows platform?
if (@class_exists('COM')) {
    // http://msdn.microsoft.com/en-us/library/aa388176(VS.85).aspx
    try {
        $CAPI_Util = new COM('CAPICOM.Utilities.1');
        $pr_bits .= $CAPI_Util->GetRandom(16,0);

        // if we ask for binary data PHP munges it, so we
        // request base64 return value.  We squeeze out the
        // redundancy and useless ==CRLF by hashing...
        if ($pr_bits) { $pr_bits = md5($pr_bits,TRUE); }
    } catch (Exception $ex) {
        // echo 'Exception: ' . $ex->getMessage();
    }
}

if (strlen($pr_bits) < 16) {
    // do something to warn system owner that
    // pseudorandom generator is missing
}
?>

NB: it is generally safe to leave both the attempt to read /dev/urandom and the attempt to access CAPICOM in your code, though each will fail silently on the other’s platform. Leave them both there so your code will be more portable.”

More Related Contents:

  1. Secure hash and salt for PHP passwords
  2. Generating a random password in php
  3. encrypt and decrypt md5
  4. How to create a laravel hashed password
  5. best practice to generate random token for forgot password
  6. Hiding true database object ID in url’s
  7. Fastest hash for non-cryptographic uses?
  8. Generate cryptographically secure random numbers in php
  9. Improve password hashing with a random salt
  10. How do you Encrypt and Decrypt a PHP String?
  11. Exploitable PHP functions
  12. Two-way encryption: I need to store passwords that can be retrieved
  13. Why is the hash part of the URL not available on the server side?
  14. What is the best way to stop people hacking the PHP-based highscore table of a Flash game
  15. What type of hash does WordPress use?
  16. Which $_SERVER variables are safe?
  17. What do I need to store in the php session when user logged in?
  18. PHP setcookie “SameSite=Strict”?
  19. Magic quotes in PHP
  20. Generating random numbers without repeats
  21. Is it ever ok to store password in plain text in a php variable or php constant?
  22. Best way to avoid code injection in PHP
  23. Using PHP/Apache to restrict access to static files (html, css, img, etc)
  24. Secure and Flexible Cross-Domain Sessions
  25. Can a client view server-side PHP source code?
  26. php random x digit number
  27. php: number only hash?
  28. Best way to connect to MySQL with PHP securely [duplicate]
  29. Unique key generation
  30. Is it possible to execute PHP with extension file.php.jpg?

Leave a Comment