Doc Bug #81384 Secureness of GMP random functions undocumented
Submitted: 2021-08-26 09:12 UTC Modified: 2021-08-26 10:33 UTC
Avg. Score:1.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: michelbach94 at gmail dot com Assigned:
Status: Verified Package: GNU MP related
PHP Version: 8.0.9 OS: any
Private report: No CVE-ID: None

 [2021-08-26 09:12 UTC] michelbach94 at gmail dot com
Usually, the documentation of PHP functions that return randomness says whether the respective function is cryptographically secure. However, this is not the case with the GMP randomness functions gmp_random_bits() and gmp_random_range() (nor with the deprecated gmp_random()).

From a Google search, I found that these functions are not cryptographically secure sources of randomness ( This should be added to the documentation as PHP's GMP implementation being able to handle large numbers is very welcoming to the implementation of cryptographic primitives.


 [2021-08-26 10:33 UTC]
-Status: Open +Status: Verified
 [2021-08-26 10:33 UTC]
gmp_random_bits(), gmp_random() and gmp_random_range() call
mpz_urandomb() and mpz_urandomm(), respectively, internally, and
these names suggest that urandom is used as source of randomness,
but this is not explicitly documented[1], so possibly that "u"
just refers to the uniform distribution.

So, yes, if in doubt don't use these numbers for cryptographic

[1] <>
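
For callers who need a large integer for cryptographic use, one way to avoid the GMP generator entirely is to take the bytes from PHP's CSPRNG and only use GMP for the arithmetic. This is an added example, not part of the bug report or the PHP documentation; `csprng_gmp_range()` is a hypothetical helper name, and the range bounds in the usage lines are constructed sample values.

```php
<?php
declare(strict_types=1);

/**
 * Uniform random GMP integer in [$min, $max], with all randomness taken
 * from random_bytes() (PHP's CSPRNG) instead of gmp_random_range().
 * Hypothetical helper, not a PHP or GMP built-in.
 */
function csprng_gmp_range(GMP $min, GMP $max): GMP
{
    if (gmp_cmp($min, $max) > 0) {
        throw new ValueError('min must not be greater than max');
    }

    // Sample an offset in [0, span] and shift it by $min afterwards.
    $span = gmp_sub($max, $min);
    if (gmp_cmp($span, 0) === 0) {
        return gmp_add($min, 0);
    }

    // Smallest number of bits that can represent $span.
    $bits  = strlen(gmp_strval($span, 2));
    $bytes = intdiv($bits + 7, 8);
    $mask  = gmp_sub(gmp_pow(2, $bits), 1);

    // Rejection sampling: mask to $bits bits, retry if above $span.
    // Taking the value modulo ($span + 1) instead would bias the result;
    // rejecting keeps it uniform and needs fewer than 2 draws on average.
    do {
        $candidate = gmp_and(gmp_import(random_bytes($bytes)), $mask);
    } while (gmp_cmp($candidate, $span) > 0);

    return gmp_add($min, $candidate);
}

// Constructed sample range: a value in [2, 2^256 - 1].
$low  = gmp_init(2);
$high = gmp_sub(gmp_pow(2, 256), 1);
$n    = csprng_gmp_range($low, $high);

echo gmp_strval($n, 16), PHP_EOL;
```

For ranges that fit in a native integer, `random_int()` already provides the same guarantee without GMP.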
Last updated: Sun Oct 02 03:03:42 2022 UTC