Thijs Kinkhorst | 21 Aug 12:10

reviewing random seeding

Hey all,

I've reviewed the seeding of the random number generator we do within
SquirrelMail and have found the following points:

1) The mail_fetch function uses not so secure seeding of srand().

However, the encryption used there is advertised as insecure anyway. I
wonder whether we should not just remove that feature altogether.
Trivially cracked encryption can be worse than no encryption because the
effect is the same for an attacker but it may create some sense of
security. What value does the function add if it's trivially cracked?

2) php_combined_lcg() in global.php seeds the random number generator in a
not so secure fashion.

I believe we should just rip out this seeding and replace it with a call
to sq_mt_randomize() instead so we have this code only in one place.

3) The behaviour of sq_mt_randomize() itself needs to be reviewed.

We currently re-seed it with several unpredictable values. We need to find
out whether re-seeding it actually adds randomness or just 'resets' the
thing so only the last one is useful.

PHP doesn't require seeding for versions 4.2 and up, but the PHP
implementation is reportedly limited in randomness unfortunately. The
newest suhosin patch is supposed to address that.

cheers,
Thijs
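
On point 3, an added PHP example (not SquirrelMail code and not part of the original message): mt_srand() rebuilds the generator state from its argument, so a chain of calls behaves like the last call alone. The seed values and the helper names draw_after_seeding() and combined_seed() are constructed for illustration.

```php
<?php
// Added example. The seed values are constructed stand-ins for
// "several unpredictable values"; they are not SquirrelMail's own.

/** Seed the Mersenne Twister with each value in turn, then draw $n outputs. */
function draw_after_seeding(array $seeds, int $n = 4): array
{
    foreach ($seeds as $seed) {
        mt_srand($seed);   // every call re-initialises the whole MT state
    }
    $out = [];
    for ($i = 0; $i < $n; $i++) {
        $out[] = mt_rand();
    }
    return $out;
}

/** Fold all sources into a single seed so that each one influences it. */
function combined_seed(array $sources): int
{
    $digest = hash('sha256', implode('|', $sources), true);
    return unpack('N', $digest)[1];   // first 4 bytes as an unsigned 32-bit int
}

// Constructed sample sources: a timestamp, a process id, a microsecond count.
$sources = [1219313400, 48213, 907155];

// Re-seeding in sequence compared with seeding once with the last value only.
$sequential = draw_after_seeding($sources);
$last_only  = draw_after_seeding([907155]);
echo "sequential re-seed equals last seed alone: ";
var_dump($sequential === $last_only);

// Changing the earlier seeds while keeping the last one.
$changed_first = draw_after_seeding([1, 2, 907155]);
echo "earlier seeds changed, output still equal: ";
var_dump($changed_first === $last_only);

// Combining the sources first: changing one source changes the seed.
$a = combined_seed($sources);
$b = combined_seed([1, 48213, 907155]);
echo "combined seed depends on the first source: ";
var_dump($a !== $b);

mt_srand($a);   // one seeding call that carries every source
```

Even when the sources are combined, mt_srand() uses a 32-bit seed, so the generator can start in at most 2^32 distinct states.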

-----
squirrelmail-devel mailing list