Doc Bug #81384 Secureness of GMP random functions undocumented
Submitted: 2021-08-26 09:12 UTC Modified: 2021-08-26 10:33 UTC
From: michelbach94 at gmail dot com Assigned:
Status: Verified Package: GNU MP related
PHP Version: 8.0.9 OS: any
Private report: No CVE-ID: None

 [2021-08-26 09:12 UTC] michelbach94 at gmail dot com
Usually, the documentation of PHP functions that return randomness says whether the respective function is cryptographically secure. However, this is not the case with the GMP randomness functions gmp_random_bits() and gmp_random_range() (nor with the deprecated gmp_random()).

From a Google search, I found that these functions are not cryptographically secure sources of randomness ( This should be added to the documentation as PHP's GMP implementation being able to handle large numbers is very welcoming to the implementation of cryptographic primitives.


 [2021-08-26 10:33 UTC]
-Status: Open +Status: Verified
 [2021-08-26 10:33 UTC]
gmp_random_bits(), gmp_random() and gmp_random_range() call
mpz_urandomb() and mpz_urandomm(), respectively, internally, and
these names suggest that urandom is used as source of randomness,
but this is not explicitly documented[1], so possibly that "u"
just refers to the uniform distribution.

So, yes, if in doubt don't use these numbers for cryptographic

[1] <>
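
Added example, not part of the bug report, the PHP manual or ext/gmp: one way to get a uniformly distributed GMP integer from PHP's CSPRNG (`random_bytes()`) rather than from the `gmp_random_*()` functions discussed above. The function name `csprng_gmp_range()` and the sample bounds are hypothetical.

```php
<?php
declare(strict_types=1);

/**
 * Return a uniform random GMP integer in [$min, $max], sourced from
 * random_bytes() (the OS CSPRNG) instead of GMP's internal generator.
 * Hypothetical helper; not an ext/gmp function.
 */
function csprng_gmp_range(\GMP $min, \GMP $max): \GMP
{
    if (gmp_cmp($min, $max) > 0) {
        throw new \InvalidArgumentException('min must not exceed max');
    }

    $span = gmp_sub($max, $min);            // we draw r in [0, span]
    if (gmp_sign($span) === 0) {
        return $min;                        // single-value range
    }

    $bits  = strlen(gmp_strval($span, 2));  // bit length of span
    $bytes = intdiv($bits + 7, 8);
    $mask  = 0xFF >> (8 * $bytes - $bits);  // clears unused high bits of byte 0

    do {
        $raw    = random_bytes($bytes);
        $raw[0] = chr(ord($raw[0]) & $mask);
        // Word size 1, most significant byte first.
        $r      = gmp_import($raw, 1, GMP_MSW_FIRST | GMP_BIG_ENDIAN);
        // Rejection sampling: retry instead of reducing modulo span,
        // which would bias the result towards small values.
    } while (gmp_cmp($r, $span) > 0);

    return gmp_add($min, $r);
}

// Constructed sample bounds: a value in [2, p - 2] for p = 2^127 - 1.
$p   = gmp_sub(gmp_pow(2, 127), 1);
$low = gmp_init(2);
$hi  = gmp_sub($p, 2);

$k = csprng_gmp_range($low, $hi);
if (gmp_cmp($k, $low) < 0 || gmp_cmp($k, $hi) > 0) {
    throw new \RuntimeException('value outside requested range');
}
echo gmp_strval($k), PHP_EOL;
```

Because the candidate is masked to the bit length of the span, each loop iteration succeeds with probability above one half, so the expected number of `random_bytes()` calls is below two.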
Last updated: Tue Nov 30 13:03:49 2021 UTC