
Looks useful; feature request: something like

    nonce :: MonadIO m => Int -> Generator -> m ByteString

(plus -url and -T flavors, obviously). I believe allowing the programmer to balance security vs. usability demands would be a good thing overall and worth a knob.

On Fri, May 22, 2015 at 08:06:18PM -0300, Felipe Lessa wrote:
(Please forgive me if you received multiple copies of this e-mail.)
Hello,
The nonce package [1] contains functions to easily generate cryptographic nonces for many situations. Some places where these generated nonces can be used include:
- Password recovery e-mail tokens.
- XSRF protection tokens.
- Session IDs sent on cookies.
- Initialization vectors.
It uses an AES CPRNG periodically reseeded from /dev/urandom (or equivalent). It has no frills, no knobs, so it's hard to misuse. It's been available for a year but I just realized I've never properly announced it.
Regrettably, I've seen many uses of the random package (System.Random) when generating nonces. It's a bad choice: it is not a cryptographically secure PRNG, contains low entropy (64-bit state), and its default usage is seeded predictably (using a constant seed). Please avoid using the random package for generating nonces at all costs. In its stead, use the nonce package or something similar.
Cheers,
[1] http://hackage.haskell.org/package/nonce
-- Felipe.
_______________________________________________
Haskell mailing list
Haskell@haskell.org
http://mail.haskell.org/cgi-bin/mailman/listinfo/haskell
-- Tobias Dammers - tdammers@gmail.com
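
An added example, not part of either e-mail and not code from the nonce package: it puts the System.Random pattern the announcement warns against next to the same token drawn from the nonce package. The names weakToken and resetToken, the seed 42 and the 22-character length are assumptions made for the illustration.

```haskell
{-# LANGUAGE OverloadedStrings #-}
module Main (main) where

import qualified Crypto.Nonce as N          -- package: nonce
import qualified Data.Text as T
import qualified Data.Text.IO as TIO
import System.Random (mkStdGen, randomRs)   -- package: random

-- Weak (hypothetical helper): a "token" taken from System.Random with a
-- fixed seed. The whole output is a pure function of the seed, so anyone
-- who knows or guesses the seed can recompute every token ever issued.
weakToken :: Int -> T.Text
weakToken seed = T.pack . take 22 $ randomRs ('a', 'z') (mkStdGen seed)

-- Hardened (hypothetical helper): a 128-bit URL-safe token from the nonce
-- package's generator, suitable for a password-recovery link or session ID.
resetToken :: N.Generator -> IO T.Text
resetToken = N.nonce128urlT

main :: IO ()
main = do
  -- Constructed sample: two "independent" requests served with the same seed.
  let a = weakToken 42
      b = weakToken 42
  TIO.putStrLn ("weak token, request 1:  " <> a)
  TIO.putStrLn ("weak token, request 2:  " <> b)
  putStrLn ("weak tokens identical:   " ++ show (a == b))

  -- One generator is created and then shared by all requests.
  N.withGenerator $ \gen -> do
    t1 <- resetToken gen
    t2 <- resetToken gen
    TIO.putStrLn ("nonce token, request 1: " <> t1)
    TIO.putStrLn ("nonce token, request 2: " <> t2)
    putStrLn ("nonce tokens identical:  " ++ show (t1 == t2))
```

In an application the Generator would be created once at startup and passed to request handlers rather than created per token.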