[Haskell-cafe] [Haskell] ANN: nonce package
Tobias Dammers
tdammers at gmail.com
Sat May 23 16:02:13 UTC 2015
Looks useful; feature request: something like

    nonce :: MonadIO m => Int -> Generator -> m ByteString

(plus -url and -T flavors, obviously). I believe allowing the programmer
to balance security vs. usability demands would be a good thing overall
and worth a knob.

On Fri, May 22, 2015 at 08:06:18PM -0300, Felipe Lessa wrote:
> (Please forgive me if you received multiple copies of this e-mail.)
>
> Hello,
>
> The nonce package [1] contains functions to easily generate
> cryptographic nonces for many situations. Some places where these
> generated nonces can be used include:
>
> - Password recovery e-mail tokens.
>
> - XSRF protection tokens.
>
> - Session IDs sent on cookies.
>
> - Initialization vectors.
>
> It uses an AES CPRNG periodically reseeded from /dev/urandom (or
> equivalent). It has no frills, no knobs, so it's hard to misuse. It's
> been available for a year but I just realized I've never properly
> announced it.
>
> Regrettably, I've seen many uses of the random package (System.Random)
> when generating nonces. It's a bad choice: it is not a
> cryptographically secure PRNG, contains low entropy (64-bit state), and
> its default usage is seeded predictably (using a constant seed). Please
> avoid using the random package for generating nonces at all costs. In
> its stead, use the nonce package or something similar.
>
> Cheers,
>
> [1] http://hackage.haskell.org/package/nonce
>
> --
> Felipe.
--
Tobias Dammers - tdammers at gmail.com
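
An added example, not part of the original messages and not code from the nonce package: one way the length parameter requested above could be layered on the package's existing 128-bit generator. The names nonceN, nonceNUrl and minBytes, and the 16-byte floor, are assumptions made for this illustration; it needs the nonce and base64-bytestring packages.

```haskell
module Main (main) where

import           Control.Monad              (replicateM, when)
import           Control.Monad.IO.Class     (MonadIO, liftIO)
import qualified Crypto.Nonce               as N     -- nonce package
import           Data.ByteString            (ByteString)
import qualified Data.ByteString            as B
import qualified Data.ByteString.Base64.URL as B64U  -- base64-bytestring
import qualified Data.ByteString.Char8      as BC

-- Assumed policy for this example: the knob may raise the length,
-- but never lower it below the package's own 128 bits.
minBytes :: Int
minBytes = 16

-- | Hypothetical helper with the shape of the signature in the request;
-- it is not part of the nonce package. It draws as many 16-byte blocks
-- from 'N.nonce128' as needed and truncates to the requested length.
nonceN :: MonadIO m => Int -> N.Generator -> m ByteString
nonceN n gen = do
  when (n < minBytes) $
    liftIO (ioError (userError "nonceN: refusing a nonce shorter than 16 bytes"))
  blocks <- replicateM ((n + 15) `div` 16) (N.nonce128 gen)
  return (B.take n (B.concat blocks))

-- | Hypothetical "-url" flavour: base64url encoding of the raw bytes,
-- safe to place in URLs and cookies.
nonceNUrl :: MonadIO m => Int -> N.Generator -> m ByteString
nonceNUrl n gen = B64U.encode <$> nonceN n gen

main :: IO ()
main = do
  gen   <- N.new               -- generator seeded by the nonce package
  xsrf  <- nonceNUrl 16 gen    -- 128-bit token, e.g. XSRF protection
  reset <- nonceNUrl 32 gen    -- 256-bit token, e.g. password recovery e-mail
  BC.putStrLn xsrf
  BC.putStrLn reset
```

The floor keeps the "hard to misuse" property from the announcement: a caller can ask for more bits, but a request for fewer than 128 fails loudly instead of returning a weak token.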