[Haskell-cafe] ANN: nonce package

Felipe Lessa felipe.lessa at gmail.com
Fri May 22 23:06:18 UTC 2015

(Please forgive me if you received multiple copies of this e-mail.)


The nonce package [1] contains functions to easily generate
cryptographic nonces for many situations.  Some places where these
generated nonces can be used include:

  - Password recovery e-mail tokens.

  - XSRF protection tokens.

  - Session IDs sent on cookies.

  - Initialization vectors.

It uses an AES CPRNG periodically reseeded from /dev/urandom (or
equivalent).  It has no frills, no knobs, so it's hard to misuse.  It's
been available for an year but I just realized I've never properly
announced it.

Regrettably, I've seen many uses of the random package (System.Random)
when generating nonces.  It's a bad choice: it is not a
cryptographically secure PRNG, contains low entropy (64-bit state), and
its default usage is seeded predictably (using a constant seed).  Please
avoid using the random package for generating nonces at all costs.  In
its stead, use the nonce package or something similar.


[1] http://hackage.haskell.org/package/nonce


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://mail.haskell.org/pipermail/haskell-cafe/attachments/20150522/1140323f/attachment.sig>

More information about the Haskell-Cafe mailing list