Last active
February 16, 2016 22:49
-
-
Save sarciszewski/f7bd4c0358a44321787b to your computer and use it in GitHub Desktop.
Revisions
-
sarciszewski revised this gist
Mar 2, 2015 . 3 changed files with 52 additions and 9 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -14,3 +14,12 @@ function better_prng($bytes = 32) } return openssl_random_pseudo_bytes(32); } function openssl_prng($bytes = 32) { return openssl_random_pseudo_bytes(32); } function mcrypt_prng($bytes = 32) { return mcrypt_create_iv(32, MCRYPT_DEV_URANDOM); } This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -15,4 +15,16 @@ } $tests['csprng'] = ( microtime(true) - $start ); $start = microtime(true); for ($i = 0; $i < 100000; ++$i) { $buf = openssl_prng(); } $tests['openssl'] = ( microtime(true) - $start ); $start = microtime(true); for ($i = 0; $i < 100000; ++$i) { $buf = mcrypt_prng(); } $tests['mcrypt'] = ( microtime(true) - $start ); var_dump($tests); This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,18 +1,40 @@ array(4) { ["mtrand"]=> float(2.3792960643768) ["csprng"]=> float(1.0584290027618) ["openssl"]=> float(0.38547611236572) ["mcrypt"]=> float(0.97102904319763) } array(4) { ["mtrand"]=> float(2.4055750370026) ["csprng"]=> float(1.0631558895111) ["openssl"]=> float(0.30554485321045) ["mcrypt"]=> float(1.106586933136) } array(4) { ["mtrand"]=> float(2.3207230567932) ["csprng"]=> float(1.0591180324554) ["openssl"]=> float(0.29997992515564) ["mcrypt"]=> float(1.0387818813324) } array(4) { ["mtrand"]=> float(2.3104860782623) ["csprng"]=> float(1.1197648048401) ["openssl"]=> float(0.2982759475708) ["mcrypt"]=> float(1.0270299911499) } -
Mar 1, 2015 . 1 changed file with 3 additions and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,3 +1,5 @@ In response to some people claiming that using a CSPRNG is "going way overboard" and/or is "overkill", I've written this test to verify the performance impact of using a CSPRNG versus their insecure `mt_rand()` based hacks. I think the results are conclusive (at least on my device): A 50% speed increase. In addition to less-predictable randomness. If anyone would like to suggest a benchmark script (or conditions that lead to different results with mine), let me know and I will link to them here. -
Mar 1, 2015 . 1 changed file with 3 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,3 @@ In response to some people claiming that using a CSPRNG is "going way overboard" and/or is "overkill", I've written this test to verify the performance impact of using a CSPRNG versus their insecure `mt_rand()` based hacks. I think the results are conclusive (at least on my device): A 50% speed increase. In addition to less-predictable randomness. -
Mar 1, 2015 . 1 changed file with 0 additions and 0 deletions.There are no files selected for viewing
File renamed without changes. -
Mar 1, 2015 . 2 changed files with 16 additions and 10 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,12 +1,18 @@ array(2) { ["mtrand"]=> float(0.97707104682922) ["csprng"]=> float(0.51490783691406) } array(2) { ["mtrand"]=> float(0.98253417015076) ["csprng"]=> float(0.50583696365356) } array(2) { ["mtrand"]=> float(1.0016939640045) ["csprng"]=> float(0.5266740322113) } This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -7,12 +7,12 @@ for ($i = 0; $i < 100000; ++$i) { $buf = shitty_prng(); } $tests['mtrand'] = ( microtime(true) - $start ); $start = microtime(true); for ($i = 0; $i < 100000; ++$i) { $buf = better_prng(); } $tests['csprng'] = ( microtime(true) - $start ); var_dump($tests); -
Mar 1, 2015 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -2,7 +2,7 @@ require "functions.php"; $buf = ''; $tests = []; $start = microtime(true); for ($i = 0; $i < 100000; ++$i) { $buf = shitty_prng(); -
Mar 1, 2015 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,12 @@ array(2) { [0]=> float(0.98936986923218) [1]=> float(0.51176810264587) } array(2) { [0]=> float(0.98116898536682) [1]=> float(0.52457714080811) } This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,16 @@ <?php function shitty_prng($bytes = 32) { $buf = ''; for ($i = 0; $i < $bytes; ++$i) { $buf .= chr(mt_rand(0, 255)); } } function better_prng($bytes = 32) { if (function_exists('mcrypt_create_iv')) { return mcrypt_create_iv(32, MCRYPT_DEV_URANDOM); } return openssl_random_pseudo_bytes(32); } This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,18 @@ <?php require "functions.php"; $buf = ''; $tests = [[],[]]; $start = microtime(true); for ($i = 0; $i < 100000; ++$i) { $buf = shitty_prng(); } $tests[0] = ( microtime(true) - $start ); $start = microtime(true); for ($i = 0; $i < 100000; ++$i) { $buf = better_prng(); } $tests[1] = ( microtime(true) - $start ); var_dump($tests);