gun icon indicating copy to clipboard operation
gun copied to clipboard

Published 20 hours ago verified publisher icon amark

String.random() is not secure

Open daviddahl opened this issue 3 years ago • 3 comments

I noticed in https://github.com/amark/gun/blob/edf6c5f38dc2ad40d097814974bc8b27a504295c/gun.js#L18

That String.random is used to encrypt passwords, etc. Math.random is not cryptographically secure: https://stackoverflow.com/questions/5651789/is-math-random-cryptographically-secure

One should just use window.crypto.getRandomValues as it actually uses the OS' random seed.

daviddahl avatar Oct 06 '21 14:10 daviddahl

Even if only used for salting the password hash as opposed to generating the underlying pair?

labs-dlugo avatar Oct 06 '21 14:10 labs-dlugo

Even if only used for salting the password hash as opposed to generating the underlying pair...

I just worry about these things: https://github.com/amark/gun/blob/8e4128b474987fe59e2d73e38c56e30b8a4aa291/sea/auth.js#L93

The comment even says pseudo-random and this is a password change operation.

Also, as someone who has participated in several code audits by actual cryptographers, this would come up as something to remediate as it is concerning a password change / crypto key usage.

daviddahl avatar Oct 06 '21 16:10 daviddahl

I agree, if any SEA code uses a generic random it should be changed.

Let's change it in SEA, and leave generic randoms as generic (or else dependency bloat will pile up fast).

amark avatar Oct 10 '21 12:10 amark