On Sunday, 26 February 2017 at 18:23:27 UTC, cym13 wrote:
Hi,
I found many times that people use unpredictableSeed in
combination with a normal PRNG for cryptographic purposes. Some
even go as far as reseeding at each call to try making it more
secure.
It is a dangerous practice: most PRNGs are not designed with
security (and unpredictability) in mind, and unpredictableSeed
was definitely not designed with security in mind (or it failed
heavily at it). It's a good tool when one needs randomness, not
security.
I wrote a blog post to present exactly why this is a bad idea
and how it could be exploited [1].
The best would be to add a standard CSPRNG interface to Phobos
but we aren't there yet.
[1]: https://cym13.github.io/article/unpredictableSeed.html
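The pattern the post warns about, beside the fix, as an added example that is not part of the original post or of Phobos: the weak version seeds the general-purpose Mersenne Twister with unpredictableSeed, the hardened version takes its bytes from the operating system's CSPRNG. It assumes a POSIX system that exposes /dev/urandom, since Phobos has no CSPRNG interface of its own.

```d
import std.random : Random, unpredictableSeed, uniform;
import std.stdio : File, writeln;
import std.format : format;
import std.array : appender;

// Weak pattern: a general-purpose PRNG (Mersenne Twister) seeded with
// unpredictableSeed. Neither component is built to resist an attacker
// who observes some outputs, so this must not produce secrets.
ubyte[] weakToken(size_t len)
{
    auto rng = Random(unpredictableSeed);
    auto buf = new ubyte[len];
    foreach (ref b; buf)
        b = cast(ubyte) uniform(0, 256, rng);
    return buf;
}

// Hardened pattern: read the bytes from the kernel CSPRNG.
// Assumption: /dev/urandom exists (POSIX); not a Phobos API.
ubyte[] secureToken(size_t len)
{
    auto buf = new ubyte[len];
    auto f = File("/dev/urandom", "rb");
    auto got = f.rawRead(buf);
    if (got.length != len)
        throw new Exception("short read from /dev/urandom");
    return got;
}

// Hex-encode a byte slice so the token can be logged or compared.
string toHex(const(ubyte)[] bytes)
{
    auto app = appender!string;
    foreach (b; bytes)
        app.put(format("%02x", b));
    return app.data;
}

void main()
{
    writeln("weak   (do not use for secrets): ", toHex(weakToken(16)));
    writeln("secure (OS CSPRNG)             : ", toHex(secureToken(16)));
}
```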
When I saw the code for unpredictableSeed I facepalmed really
hard.
I did some digging, and it was way way worse:
https://github.com/dlang/phobos/commit/ff54d867e41abc8261075f0dce1261d68ee09180#diff-713ce153554afc99a07767cc8ba940aeL529
https://github.com/dlang/phobos/commit/c433c36658df45677bf90b00e93cba051883294e