Bug#537952: Use more random random seed than localtime

Jonathan Yu jonathan.i.yu at gmail.com
Wed Jul 22 15:48:09 UTC 2009


Incidentally, here is the quilt patch which should fix the issue. It
should also work on older Perls without Perl_seed, so I'll forward
this upstream (while making a simultaneous release in Debian) so that
hopefully it's fixed in the near future.

Description: Update seeding algorithm
 By default, this algorithm uses localtime to seed the random number
 generator, which provides poor randomness when Perl is executed many
 times sequentially. This patch replaces that with Don Armstrong's
 proposed solution, Perl_seed. See BTS#537952 for details.
Origin: vendor
Author: Jonathan Yu <frequency at cpan.org>
Bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=537952
Bug-CPAN: https://rt.cpan.org/Ticket/Display.html?id=48080
Forwarded: yes
--- a/Random.pm
+++ b/Random.pm
@@ -73,7 +73,7 @@


 ### set seeds by default
-salfph(scalar(localtime()));
+salfph(get_seed() || scalar(localtime));

 #####################################################################
 #                    RANDOM DEVIATE GENERATORS                     #
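Review bot: the `||` on the new line `salfph(get_seed() || scalar(localtime));` makes a 0 from get_seed() fall back silently to the second-resolution localtime phrase that this bug report is about; since the XS side returns 0 on purpose when Perl_seed is unavailable, a one-line comment here stating that 0 means "no Perl_seed available" would save the next reader a trip into Random.xs, and any documentation that still describes localtime as the default seed source should be updated in the same change.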
--- a/Random.xs
+++ b/Random.xs
@@ -11,6 +11,28 @@
 #include "randlib.h"
 #include "helper.h"

+#define PERL_VERSION_ATLEAST(a,b,c)                            \
+  (PERL_REVISION > (a)                                         \
+   || (PERL_REVISION == (a)                                    \
+       && (PERL_VERSION > (b)                                  \
+           || (PERL_VERSION == (b) && PERL_SUBVERSION >= (c)))))
+
+#if PERL_VERSION_ATLEAST (5,8,1)
+/* For whatever reason, the random seeds need to be in 1..2^30; the below will
+ * be uniformly distributed assuming the seed value is uniformly distributed.
+ *
+ * This approach isn't cryptographically secure. Consider using /dev/random
+ * or Math::TrulyRandom to get some real entropy.
+ */
+#define Perl_get_seed (long)(Perl_seed(aTHX) % 1073741824L)
+#else
+/* If we don't support seeds, return 0 so we can fall back to localtime for
+ * default seeding. There's a chance Perl_seed will return 0 and mask this,
+ * but in that case the data should still be "random enough" anyway.
+ */
+#define Perl_get_seed 0L
+#endif /* Perl_seed */
+
 static int
 not_here(s)
 char *s;
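Review bot: the range comment above `#define Perl_get_seed (long)(Perl_seed(aTHX) % 1073741824L)` is off by one: the modulo yields 0..2^30-1, not 1..2^30, and a 0 result is exactly what the Perl caller's `||` turns into a localtime fallback, so the "There's a chance Perl_seed will return 0 and mask this" remark in the #else branch applies to this branch as well. Either reword the comment to say so, or use `% 1073741824L + 1L` if randlib really needs 1..2^30, which also removes the fallback path on Perls that have Perl_seed. Separately, `#endif /* Perl_seed */` does not name the condition it closes; `#endif /* PERL_VERSION_ATLEAST (5,8,1) */` would.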
@@ -38,6 +60,12 @@

 MODULE = Math::Random          PACKAGE = Math::Random

+long
+get_seed()
+       CODE:
+       RETVAL = Perl_get_seed;
+       OUTPUT:
+       RETVAL

 double
 genbet (aa,bb)
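Review bot: `get_seed()` is declared under `PACKAGE = Math::Random` as an ordinary XS function, so every program that loads the module can call Math::Random::get_seed() and obtain a fresh Perl_seed value, while its only intended caller is the default-seeding line in Random.pm; given the concern about exposing the seed raised further down this thread, give it a private-looking name (an underscore prefix is the usual convention) or at least add a comment marking it as internal and undocumented.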

On Wed, Jul 22, 2009 at 11:46 AM, Jonathan Yu <jonathan.i.yu at gmail.com> wrote:
> Good news everyone.
>
> I've slightly rewritten Don's patch; I was getting some test failures,
> presumably because it didn't use the phrase way of setting it. Anyway,
> I wrote a simple function to grab the seed from Perl_seed, which is
> then passed into salfph.
>
> Here is some output:
>
> newbuildd:/home/jon/tmp9# for a in $(seq 1 50); do perl
> -MMath::Random=random_uniform -e 'print join(q( ),
> random_uniform(4)),qq(\n)'; done;
>
> 0.665908828658169 0.454013021472426 0.488777318757992 0.607060520723529
> 0.554647520717718 0.128943547587936 0.16766312543832 0.496622666815727
> 0.458289686103642 0.465999027532487 0.049702776700601 0.934324689403921
> 0.863641360499671 0.400219364100437 0.230988093947055 0.234758506042172
> 0.340603666357376 0.458890598735633 0.314381090794873 0.678264332773382
> 0.920569428824075 0.82850050340525 0.758234171406322 0.442743852098113
> 0.949115248245558 0.0698253535363614 0.525481791079954 0.321469143649972
> 0.043541077385187 0.148428738869933 0.457866965755211 0.0477105989378881
> 0.587249929046372 0.37406720304662 0.833306070338477 0.523574002321712
> 0.130949275163323 0.458964866125963 0.747197927679785 0.583421630594339
>
> I'm a bit concerned about exposing Perl's seed value to Perl programs
> though. It's a bit dangerous since knowing this value for a particular
> instance could lead to an algorithmic complexity denial of service
> attack.
>
> I would still recommend using Math::TrulyRandom to get some random
> data. This data definitely looks good enough for use in simulations
> though :-)
>
> Cheers,
>
> Jonathan
>
> On Wed, Jul 22, 2009 at 10:14 AM, Jonathan Yu <jonathan.i.yu at gmail.com> wrote:
>> On Wed, Jul 22, 2009 at 6:40 AM, Don Armstrong <don at donarmstrong.com> wrote:
>>> On Wed, 22 Jul 2009, Don Armstrong wrote:
>>>> On Wed, 22 Jul 2009, Damyan Ivanov wrote:
>>>> > I believe the patch Don is about to send will require smaller
>>>> > changes. Having some conditional code would be nice so that it
>>>> > doesn't break 5.8 installs, but that's it. Then we forward it
>>>> > upstream and let them decide.
>>>>
>>>> Attached is the fairly trivial change to do this.
>>>
>>> Updated now to work on 32 bit architectures properly.
>> Sweet!
>>
>> Thanks very much for the patch. I'll work on integrating it, though I
>> want to do what Damyan suggested and make sure Perl > 5.8 before doing
>> so (actually, I don't know if this is something ppport.h provides
>> backward compatibility for).
>>>
>>>
>>> Don Armstrong
>>>
>>> --
>>> Your village called.
>>> They want their idiot back.
>>>  -- xkcd http://xkcd.com/c23.html
>>>
>>> http://www.donarmstrong.com              http://rzlab.ucr.edu
>>>
>>> _______________________________________________
>>> pkg-perl-maintainers mailing list
>>> pkg-perl-maintainers at lists.alioth.debian.org
>>> http://lists.alioth.debian.org/mailman/listinfo/pkg-perl-maintainers
>>>
>>
>
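The weakness the patch description addresses, seeding from a one-second-resolution localtime string so that sequential runs collide, can be measured by modelling the default-seeding expression. The following is an added example, not code from the Math::Random patch or from anyone in this thread; the start times, the 20 ms launch gap and the 32-bit seed source are constructed stand-ins for Perl_seed and the shell loop shown above.

```python
"""Added example, not code from the Math::Random patch or the thread: models the
seed that the patched default salfph(get_seed() || scalar(localtime)) would hash
for a batch of sequential runs, so the pre-patch weakness can be measured."""
import secrets
import time

SEED_MODULUS = 1_073_741_824  # 2**30, the reduction the patch applies to Perl_seed()


def localtime_phrase(epoch_seconds: float) -> str:
    """Approximation of Perl's scalar(localtime): one-second resolution, so every
    run started inside the same wall-clock second gets the same phrase."""
    return time.strftime("%a %b %d %H:%M:%S %Y", time.localtime(int(epoch_seconds)))


def reduce_seed(seed32: int) -> int:
    """The patch's Perl_seed(aTHX) % 1073741824L: the result lies in 0..2**30-1
    (not 1..2**30 as its comment says); a 0 is what triggers the || fallback."""
    return seed32 % SEED_MODULUS


def default_seed(epoch_seconds: float, get_seed_value: int):
    """Mirrors get_seed() || scalar(localtime): 0 means 'no usable seed'."""
    return get_seed_value if get_seed_value else localtime_phrase(epoch_seconds)


def sequential_starts(runs: int, gap_seconds: float, t0: float) -> list:
    """Constructed start times for a shell loop launching `runs` processes."""
    return [t0 + i * gap_seconds for i in range(runs)]


def distinct_seed_count(starts: list, get_seed_values: list) -> int:
    """How many different seeds a batch of runs actually ends up with."""
    return len({default_seed(t, s) for t, s in zip(starts, get_seed_values)})


def compare_defaults(runs: int = 50, gap_seconds: float = 0.02) -> tuple:
    """Pre-patch default (get_seed always 0, so localtime) versus the patched
    default fed by fresh 32-bit values, for one batch of sequential runs."""
    starts = sequential_starts(runs, gap_seconds, t0=1_248_277_689.0)  # constructed t0
    pre_patch = distinct_seed_count(starts, [0] * runs)
    fresh = [reduce_seed(secrets.randbits(32)) for _ in range(runs)]
    patched = distinct_seed_count(starts, fresh)
    return pre_patch, patched


if __name__ == "__main__":
    before, after = compare_defaults()
    print(f"50 runs, 20 ms apart: {before} distinct seed(s) before, {after} after")
```

With the localtime default, all fifty runs that start within one second share a single seed and therefore produce the same deviates, which is what the loop output above would have looked like before the patch.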