What is random? If you think about it, describing randomness is quite difficult; and so is generating random numbers for computers. If you get it wrong, you can open your app to serious security exploits.

Unfortunately true randomness is a non-trivial achievement for computers. In fact, using weak sources of randomness can leave your application open to myriad vulnerabilities. Enter: a good cryptographically secure pseudorandom number generator (CSPRNG).

We'll discuss the importance of using good sources of randomness, the CSPRNG options we had in PHP 5.x, and how the new [CSPRNG functions in PHP 7](http://php.net/csprng) work under the hood. Learn how to get it right in this talk about PHP's cryptographically secure RNG.

Comments

Comments are closed.

Rated 5

Justin at 11:44 on 1 Jun 2018

Sammy is always a good speaker. Animations are top notch. It’s never a bad idea to check out his talks.

Rated 5

Andy Snell at 11:36 on 3 Jun 2018

Nobody does slides like Sammy. A good balance between the technical and the "keep me interested after lunch".