[whatwg] Cryptographically strong random numbers
Roger Hågensen
rescator at emsai.net
Sat Feb 5 19:22:39 PST 2011
On 2011-02-06 03:34, Boris Zbarsky wrote:
> The context in which I've seen people ask for cryptographically secure
> Math.random are cases where one script can tell what random numbers
> another script got by examining the sequence of random numbers it's
> getting itself. But I was never told what that "other script" was
> doing, only that it wanted its random numbers to be unguessable.
Hmm! A hostile script/cross-site exploit?
But if a script is running "that close" to another script, isn't the
guessing of the other script's random numbers the least of your worries?
The "bad script" is already inside the house anyway, but just in the
other room, right?
It kinda reminds me of Raymond Chen at Microsoft. Just Google the
following: site:msdn.com "It rather involved being on the other
side of this airtight hatchway"
Kinda reminds me of some of those stories.
I assume they are worried about two tabs or an iframe in a page, and a
"bad" script is trying to figure out the random numbers another script has.
This is just my opinion but... If they need random number generation in
their script to be cryptographically secure to be protected from another
"spying" script...
then they are doing it wrong. Use HTTPS, issue solved right? I'm kinda
intrigued about the people you've seen asking, and what exactly it is
they are coding if that is an issue. *laughs*
Besides, aren't there several things (by WHATWG even) that prevent such
spying or even make it impossible?
I have yet to hear of any actual panic regarding this; the same "issue"
is theoretically known with EXEs as well.
But with multithreaded and multicore CPUs, clock variations, and so
on, trying to exploit the pattern in say a Mersenne Twister PRNG by
pulling lots of random numbers would either A. not work or B. cause a
suspicious 100% CPU use on a core.
And don't forget that browsers like Chrome run each tab in its own
process, which means the PRNG may not share the seed at all with another
tab (I'm guessing pretty surely that each tab HAS its own seed).
Besides, social engineering has a much higher success rate than this so...
Would be nice if some crypto/security experts popped their heads in
about now though, in particular about the float question in previous
posts :)
--
Roger "Rescator" Hågensen.
Freelancer - http://www.EmSai.net/