Date: Fri, 17 Aug 2012 16:56:13 +0200
From: Raimo Niskanen
To: erlang-questi...@erlang.org
Message-ID: <20120817145613.GA15...@erix.ericsson.se>
Subject: Re: [erlang-questions] Password generator in Erlang
List-Id: General Erlang/OTP discussions

On Fri, Aug 17, 2012 at 04:38:06PM +0200, Zabrane Mickael wrote:
> Hi Samuel,
>
> Great feedback.
>
> I'll try to find out how to generate good seeds.
> Maybe some brave Erlangers know the answer?

The simple answer is, as mentioned before in this thread, to use
crypto:strong_rand_bytes/1, as it will, with OS and library support,
take care of the seeding itself. This will be what is considered
secure enough by the writers of OpenSSL.

    strong_rand_bytes(N) -> binary()

        Types:
            N = integer()

        Generates N bytes randomly uniform 0..255, and returns the
        result in a binary. Uses a cryptographically secure prng seeded
        and periodically mixed with operating system provided entropy.
        By default this is the RAND_bytes method from OpenSSL.

        May throw exception low_entropy in case the random generator
        failed due to lack of secure "randomness".

/ Raimo

>
> Regards,
> Zabrane
>
> On Aug 17, 2012, at 12:53 PM, Samuel wrote:
>
> >> The second implementation is more secure in that sense, but still the
> >> original seed is guessable. An attacker can generate possible password
> >> sequences by bruteforce just trying possible now tuples around the time
> >> he thinks the real seed was created.
> >>
> >>
> >> So, how can one generate secure unpredictable seeds?
> >
> > That's the tricky part :) At least you have to avoid generating
> > clearly predictable seeds as the seed is your private key in this
> > case. With the seed anyone can reproduce the sequence.
> >
> > crypto:strong_rand_bytes strives for better security properties, and I
> > understand it abstracts how to generate a good key for you, trying to
> > suck entropy from your system (so you may need to sit there banging
> > the keys and moving the mouse around for that ;) )
> >
> > I am not a security expert by far, I just know some things that do not
> > work :). For things that work, the common approach is relying on
> > popular libraries not known to be broken, and trying not to use them
> > in a fancy way as the history is full of famous broken cryptographic
> > uses (you can read about flaws in CSS, WEP, etc).
> >
> > Of course, whether that approach is advisable or not is more a
> > philosophical question, not knowing they are not broken doesn't mean
> > that no one knows how to break them and has the key access information
> > is thought to be safely encrypted :)
> >
> >> We also moved to "Tiny Mersenne Twister"
> >> (https://github.com/jj1bdx/tinymt-erlang) instead of using
> >> the standard random:uniform since the last Yaws security alert
> >> (http://erlang.org/pipermail/erlang-questions/2012-June/067626.html).
> >> Is this sufficient or should we also find a way to generate an unpredictable
> >> seed for it?
> >
> > As said, I am not a security expert, but as far as I can read, the
> > goals of that algorithm are to keep a small state with good
> > statistical properties, it says nothing about security (which doesn't
> > necessarily mean it is insecure, of course). A PRG can have good
> > statistical properties and still be insecure, being a secure PRG is a
> > stronger assumption. That is why erlang:random is fine for non
> > cryptographic uses, but for security you need something more complex.
> >
> > Anyway, you always need a seed no one can guess. Same seed, same
> > sequence, so if someone guesses your seed it basically gets all your
> > passwords in return.
> >
> > Regards
> > --
> > Samuel
> >
> _______________________________________________
> erlang-questions mailing list
> erlang-questi...@erlang.org
> http://erlang.org/mailman/listinfo/erlang-questions

-- 

/ Raimo Niskanen, Erlang/OTP, Ericsson AB
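
Added example, not part of the original message and not Erlang/OTP code: a password generator that takes all of its randomness from crypto:strong_rand_bytes/1, as the reply above recommends, so there is no application-level seed to guess. The module name pwgen, the function names and the alphabet are assumptions made for this sketch; mapping bytes to characters by rejection sampling goes beyond what the thread discusses, and is there so the uniform 0..255 bytes stay uniform over the alphabet.

```erlang
-module(pwgen).
-export([password/1, password/2]).

%% Constructed default alphabet (62 characters), an assumption of this example.
-define(ALPHABET,
        <<"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789">>).

%% password(Len) -> {ok, binary()} | {error, low_entropy}
password(Len) ->
    password(Len, ?ALPHABET).

password(Len, Alphabet) when is_integer(Len), Len > 0,
                             is_binary(Alphabet),
                             byte_size(Alphabet) >= 2,
                             byte_size(Alphabet) =< 256 ->
    Size = byte_size(Alphabet),
    %% Largest multiple of Size that fits in one byte. Bytes at or above
    %% this limit are discarded: using "B rem Size" on them would make the
    %% first (256 rem Size) characters slightly more likely than the rest.
    Limit = 256 - (256 rem Size),
    try
        {ok, collect(Len, Size, Limit, Alphabet, <<>>)}
    catch
        %% Documented failure mode: the CSPRNG could not be seeded securely.
        %% Report it to the caller; never fall back to a time-based seed.
        _:low_entropy -> {error, low_entropy}
    end.

%% Draw bytes until Need characters have survived rejection.
collect(0, _Size, _Limit, _Alphabet, Acc) ->
    Acc;
collect(Need, Size, Limit, Alphabet, Acc) ->
    %% Request spare bytes because some will be rejected.
    Bytes = crypto:strong_rand_bytes(2 * Need),
    Chars = [binary:at(Alphabet, B rem Size) || <<B>> <= Bytes, B < Limit],
    Taken = lists:sublist(Chars, Need),
    collect(Need - length(Taken), Size, Limit, Alphabet,
            <<Acc/binary, (list_to_binary(Taken))/binary>>).
```

With the module compiled, pwgen:password(16) returns {ok, Password} with a 16-byte binary, or {error, low_entropy} when the generator reports the condition quoted from the crypto documentation above.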