asmcrypto / asmcrypto.js

JavaScript Cryptographic Library with performance in mind.
MIT License

asmCrypto PRNG not seeded #121

Closed colomboe closed 6 years ago

colomboe commented 7 years ago

Using asmCrypto inside a browser web app, I get the following message:

asmCrypto PRNG not seeded; your security relies on your system PRNG. If this is not acceptable, use asmCrypto.random.seed().

I've tried some different solutions but I can't get what is the expected right way to proceed in this situation. My app is completely client side JS, there is no backend. Is there any example available that shows how to initialise the PRNG on a browser?

My targets are the latest versions of Chrome, Firefox and Edge.

jdonaldson10 commented 7 years ago

The warning is indicating that the PRNG hasn't been seeded and is using a default implementation. If you simply wish to silence the warning, you can do so by setting:

asmCrypto.random.skipSystemRNGWarning = true

If this is a security critical use case, you should seed by passing some random data to:

asmCrypto.random.seed()

However, make sure to heed the warnings in the src as setting a poorly generated or constant value undermines everything thereafter. Buyer beware.

Some good links and discussion in #27 and #65.
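An added example (not from this thread or from asmcrypto.js itself) of the seeding step described above: it pulls seed bytes from the browser's own `crypto.getRandomValues`, optionally mixes in bytes captured from user interaction, and refuses to call `seed()` with constant material. It assumes `asmCrypto.random.seed()` accepts a `Uint8Array`; the `cryptoSource` and `asmRandom` parameters are injected only so the helpers can be exercised outside a browser (in a page you would pass `window.crypto` and `asmCrypto.random`).

```javascript
// Example code, not part of asmcrypto.js: seed asmCrypto's PRNG from the
// browser CSPRNG while guarding against the "seeded with a constant" mistake.

const SEED_BYTES = 32; // assumption: 256 bits of seed material

// Sanity check: reject constant or near-constant buffers. This cannot prove
// the bytes are random, but it catches a constant or all-zero seed.
// 32 genuinely random bytes have ~30 distinct values on average; demand >= 8.
function seedLooksUsable(bytes) {
  if (!(bytes instanceof Uint8Array) || bytes.length < 16) return false;
  return new Set(bytes).size >= 8;
}

// Collect seed bytes from a Web Crypto-style source (window.crypto in a browser).
function collectSystemSeed(cryptoSource, n = SEED_BYTES) {
  if (!cryptoSource || typeof cryptoSource.getRandomValues !== 'function') {
    throw new Error('no Web Crypto getRandomValues available');
  }
  const buf = new Uint8Array(n);
  cryptoSource.getRandomValues(buf);
  return buf;
}

// XOR extra bytes (e.g. pointer/touch coordinates and timestamps captured during
// the session) into the system seed. Because the extra data is independent of the
// CSPRNG output, XOR keeps the result at least as unpredictable as that output:
// weak user-event data cannot make the seed worse, only add to it.
function mixExtraEntropy(seed, extraBytes) {
  const out = Uint8Array.from(seed);
  for (let i = 0; i < extraBytes.length; i++) out[i % out.length] ^= extraBytes[i];
  return out;
}

// Seed the library. `asmRandom` stands for asmCrypto.random, assumed to expose
// seed(Uint8Array). Returns the seed that was applied so callers can log its length.
function seedAsmCrypto(asmRandom, cryptoSource, extraBytes = new Uint8Array(0)) {
  const seed = mixExtraEntropy(collectSystemSeed(cryptoSource), extraBytes);
  if (!seedLooksUsable(seed)) {
    throw new Error('refusing to seed PRNG with low-entropy material');
  }
  asmRandom.seed(seed);
  return seed;
}
```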

colomboe commented 7 years ago

Thank you for your reply; I have already read all the links and source code you pointed out. Let me check that I got it right: since I use asmcrypto.js inside a web browser client app, I can either skip the warning and use the "default" PRNG implementation, or I can provide some random seed from a remote server. I don't see any other way to provide random data as a seed on the client; I could use some mouse movements as a seed, but that could create problems when using touch devices.

From your experience, is the browser's default PRNG implementation so weak that an alternative must be provided when using the random data generation for PBKDF2 salts and AES IVs?

ghost commented 7 years ago

> The warning is indicating that PRNG hasn't been seeded and is using a default implementation.

Quick question: doesn't "asmCrypto PRNG not seeded" mean the same as "seeded with a constant value"? And thus this applies: **DO NOT SEED WITH CONSTANT VALUE! YOU'LL GET NO RANDOMNESS FROM CONSTANT!**

Thanks.

vibornoff commented 7 years ago

@xftroxgpx it means "seeded with a small amount of randomness" (take a look at https://github.com/vibornoff/asmcrypto.js/blob/master/src/random/random.js#L32-L84).

ghost commented 7 years ago

Right-on. Much appreciated!