Message from discussion Password generator in Erlang
From: Raimo Niskanen <raimo+erlang-questi...@erix.ericsson.se>
Date: Fri, 17 Aug 2012 16:56:13 +0200
Local: Fri, Aug 17 2012 10:56 am
Subject: Re: [erlang-questions] Password generator in Erlang

On Fri, Aug 17, 2012 at 04:38:06PM +0200, Zabrane Mickael wrote:
> Hi Samuel,

> Great feedback.

> I'll try to find out how to generate good seeds.
> Maybe some brave Erlangers know the answer?

The simple answer is, as mentioned before in this thread,
to use crypto:strong_rand_bytes/1, as it will, with OS and library
support, take care of the seeding itself. This will be
what is considered secure enough by the writers of OpenSSL.

  strong_rand_bytes(N) -> binary()

    Types:
        N = integer()

    Generates N bytes randomly uniform 0..255, and returns the
    result in a binary. Uses a cryptographically secure prng
    seeded and periodically mixed with operating system provided
    entropy. By default this is the RAND_bytes method from OpenSSL.

    May throw exception low_entropy in case the random generator
    failed due to lack of secure "randomness".

/ Raimo

> Regards,
> Zabrane

> On Aug 17, 2012, at 12:53 PM, Samuel wrote:

> >> The second implementation is more secure in that sense, but still the
> >> original seed is guessable. An attacker can generate possible password
> >> sequences by brute force just trying possible now tuples around the time
> >> he thinks the real seed was created.

> >> So, how can one generate secure unpredictable seeds?

> > That's the tricky part :) At least you have to avoid generating
> > clearly predictable seeds as the seed is your private key in this
> > case. With the seed anyone can reproduce the sequence.

> > crypto:strong_rand_bytes strives for better security properties, and I
> > understand it abstracts how to generate a good key for you, trying to
> > suck entropy from your system (so you may need to sit there banging
> > the keys and moving the mouse around for that ;) )

> > I am not a security expert by far, I just know some things that do not
> > work :). For things that work, the common approach is relying on
> > popular libraries not known to be broken, and trying not to use them
> > in a fancy way as the history is full of famous broken cryptographic
> > uses (you can read about flaws in CSS, WEP, etc).

> > Of course, whether that approach is advisable or not is more a
> > philosophical question, not knowing they are not broken doesn't mean
> > that no one knows how to break them and has the key access information
> > is thought to be safely encrypted :)

> >> We also moved to "Tiny Mersenne Twister"
> >> (https://github.com/jj1bdx/tinymt-erlang) instead of using
> >> the standard random:uniform since the last Yaws security alert
> >> (http://erlang.org/pipermail/erlang-questions/2012-June/067626.html).
> >> Is this sufficient or should we also find a way to generate an unpredictable
> >> seed for it?

> > As said, I am not a security expert, but as far as I can read, the
> > goals of that algorithm are to keep a small state with good
> > statistical properties, it says nothing about security (which doesn't
> > necessarily mean it is insecure, of course). A PRG can have good
> > statistical properties and still be insecure, being a secure PRG is a
> > stronger assumption. That is why erlang:random is fine for non
> > cryptographic uses, but for security you need something more complex.

> > Anyway, you always need a seed no one can guess. Same seed, same
> > sequence, so if someone guesses your seed it basically gets all your
> > passwords in return.

> > Regards
> > --
> > Samuel

> _______________________________________________
> erlang-questions mailing list
> erlang-questi...@erlang.org
> http://erlang.org/mailman/listinfo/erlang-questions

--

/ Raimo Niskanen, Erlang/OTP, Ericsson AB
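
The recommendation above applied to password generation, as an added example that is not part of the original message or of any poster's code: every character is drawn from crypto:strong_rand_bytes/1, so there is no application-chosen seed to guess, and bytes that would skew the distribution are rejected. The module name, function names and alphabet are assumptions.

```erlang
%% Added example (not from the thread): password generation driven only by
%% crypto:strong_rand_bytes/1, so no guessable now()-style seed is involved.
%% Module name, function names and the alphabet are assumptions.
-module(pwgen_example).
-export([generate/1, generate/2]).

-define(ALPHABET,
        "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789").

%% generate(Len) -> {ok, string()} | {error, low_entropy}
generate(Len) ->
    generate(Len, ?ALPHABET).

generate(Len, Alphabet)
  when is_integer(Len), Len > 0, is_list(Alphabet),
       length(Alphabet) > 1, length(Alphabet) =< 256 ->
    Chars = list_to_tuple(Alphabet),
    Size = tuple_size(Chars),
    %% Largest multiple of Size that fits in one byte. Bytes at or above it
    %% are discarded so every character is equally likely (no modulo bias).
    Limit = 256 - (256 rem Size),
    try
        {ok, pick(Len, Chars, Size, Limit, <<>>, [])}
    catch
        %% Documented failure mode: refuse to return a weak password.
        _:low_entropy -> {error, low_entropy}
    end.

%% Enough characters collected.
pick(0, _Chars, _Size, _Limit, _Buf, Acc) ->
    Acc;
%% Buffer exhausted: fetch a fresh batch from the OS-seeded CSPRNG.
pick(N, Chars, Size, Limit, <<>>, Acc) ->
    pick(N, Chars, Size, Limit, crypto:strong_rand_bytes(2 * N), Acc);
%% Byte inside the unbiased range: map it to a character.
pick(N, Chars, Size, Limit, <<B, Rest/binary>>, Acc) when B < Limit ->
    Char = element((B rem Size) + 1, Chars),
    pick(N - 1, Chars, Size, Limit, Rest, [Char | Acc]);
%% Byte outside the range: reject it and keep going.
pick(N, Chars, Size, Limit, <<_B, Rest/binary>>, Acc) ->
    pick(N, Chars, Size, Limit, Rest, Acc).
```

With the default 62-character alphabet, bytes 248..255 are rejected, and a 16-character result carries about 95 bits of entropy.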