##########################################################################################

       PHPCRED-37: Replace mt_rand() usage with something more secure

##########################################################################################


Issue Type: New Feature 
-----------------------------------------------------------------------------------------

Issue Information
====================

Priority: Major					Status:      Closed
Resolution:  Done (2015-08-27 01:07:47)
Project: PHPCredlocker (PHPCRED)


Reported By: btasker					
Assigned To: btasker





Time Estimate: 0 minutes
Time Logged:   0 minutes


-----------------------------------------------------------------------------------------

Issue Description
==================

Replace usage of mt_rand() in key generation with something more cryptographically secure.
mt_rand uses Mersenne Twister which is not considered cryptographically secure, which may
lead to predictable keys - http://www.math.sci.hiroshima-u.ac.jp/~m-mat/MT/emt.html

-----------------------------------------------------------------------------------------

Activity
==========

	
-----------------------------------------------------------------------------------------
2014-08-09 22:38:56              btasker
-----------------------------------------------------------------------------------------

Partially implemented, would like to implement the option to use /dev/random but need to
ensure it's possible to do without risking blocking.
	
-----------------------------------------------------------------------------------------
2015-08-27 01:07:47              btasker
-----------------------------------------------------------------------------------------

Closing, this was implemented way back in
https://github.com/bentasker/PHPCredLocker/commit/1006ca409e99bac50f274791ccfc099dddfe6a6c
	
-----------------------------------------------------------------------------------------
2015-08-27 01:07:47              
-----------------------------------------------------------------------------------------

btasker changed status from 'Open' to 'Resolved'
	
-----------------------------------------------------------------------------------------
2015-08-27 01:07:47              
-----------------------------------------------------------------------------------------

btasker added 'Ben Tasker' to assignee
	
-----------------------------------------------------------------------------------------
2015-08-27 01:07:47              
-----------------------------------------------------------------------------------------

btasker added 'Done' to resolution
	
-----------------------------------------------------------------------------------------
2015-08-27 01:07:51              
-----------------------------------------------------------------------------------------

btasker changed status from 'Resolved' to 'Closed'