Random number key length is not to RFC 5054

Issue #10 resolved
simon repo owner created an issue

The server method protected function createRandomBigIntegerInRange() just calls protected function getSecureRandom($bits = 64) passing no arguments. That is actually a typo as it is 64 bytes which gives a 512 bit random number. RFC 5054 says that the minimum bits should be 256 and that the number should be in the range 1 to N. If N is 1024 then we are using twice the minimum bits but half the recommended bits of the RFC.

It is really cheap to generate a random number of bit length equal to the bit length of N (typically >=1024 bits). Given that PHP installs have a history of not quite so good random numbers, using the full bit length is a good idea. Then to put it into the range recommended by RFC 5054, which is [1,N), we can simply mod(N) the random and loop if it is zero.
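The procedure described in this issue (draw at least 256 bits, use the bit length of N rounded up to whole bytes, reduce mod N, retry on zero), written out as an added PHP example rather than the library's own code. It assumes PHP 7+ with ext/gmp; the function name secureRandomBelow and the Mersenne-prime stand-in for N are constructed for illustration and are not an SRP group from RFC 5054.

```php
<?php
// Added example, not the library's own code. Picks a private SRP exponent
// (a or b) uniformly-ish in [1, N) using a random value whose length is the
// bit length of N (minimum 256 bits), as RFC 5054 recommends.
// Assumes ext/gmp and PHP 7+ (random_bytes, intdiv).

function secureRandomBelow(GMP $n): GMP
{
    // Bit length of N, never below the RFC 5054 minimum of 256 bits.
    $bits  = max(256, strlen(gmp_strval($n, 2)));
    // Round up to whole bytes; random_bytes() only deals in bytes.
    $bytes = intdiv($bits + 7, 8);

    do {
        // random_bytes() reads the OS CSPRNG and throws on failure instead
        // of silently falling back to a weak source.
        $raw       = random_bytes($bytes);
        $candidate = gmp_import($raw, 1, GMP_MSW_FIRST | GMP_BIG_ENDIAN);
        // Fold into [0, N); the loop rejects 0 so the result lies in [1, N).
        $candidate = gmp_mod($candidate, $n);
    } while (gmp_cmp($candidate, 0) === 0);

    return $candidate;
}

// Stand-in modulus for demonstration only (2^521 - 1, a Mersenne prime);
// a real deployment uses one of the RFC 5054 group primes.
$n = gmp_sub(gmp_pow(2, 521), 1);
$a = secureRandomBelow($n);

// Sanity checks a test suite would assert on: 1 <= a < N.
var_dump(gmp_cmp($a, 1) >= 0 && gmp_cmp($a, $n) < 0);   // bool(true)
var_dump(strlen(gmp_strval($a, 2)) <= strlen(gmp_strval($n, 2)));   // bool(true)
```

Drawing only as many bits as N has and then reducing mod N leaves a small bias toward low values; reading a few extra bytes (say 8) before the reduction makes that bias negligible at essentially no cost.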

Comments (5)

  1. simon reporter

    Upgraded the random number generator logic into a common superclass which uses a min of 256 bits but which will otherwise use the bit length of N to generate a or b rounded up to the next byte.

    Some diagnostic test output is presented here.
