- From: Harry Halpin <hhalpin@w3.org>
- Date: Mon, 20 Aug 2012 15:46:13 +0200
- To: "public-webcrypto@w3.org" <public-webcrypto@w3.org>, mike@w3.org
[cc'ing Mike Smith from HTML WG]
I believe from our last meeting that Wan-Teh Chan was concerned over the
use of a non-cryptographic PRG RC4 in the WHATWG spec and filed a bug,
and I think it was removed [2]. Also, there has been general concern in
the blogosphere, as exemplified by this Matsuno blog post [1], that
large random number generation in Javascript is currently broken.
However, I suspect this all goes back to Math.random(), which is not
part of HTML and not what we will encourage people to use (if they
really need to go this low-level!), but instead we will focus on
window.crypto.getRandomValues() [2].
However, I do think the WG needs to carefully consider the issues (of
which random number generation is a small part) brought up by the
Matsuno blog post and others to make sure what the WebCrypto WG produces
actually has reasonable security properties. So let's make sure we have
secure PRG across all browsers.
So everyone, what's the status of window.crypto.getRandomValues() is as
regards cross-browser support, either currently or in the future? I see
Mozilla is still trying to get a secure PRG exposed on the DOM [3]. Does
each browser now produce cryptographically strong PRG? Does that include
IE and Opera?
If there are no problems except the use of RC4 in HTML5, I can consider
this action closed.
If there some possible problems, we as a WG need to suggest text for the
WHATWG/HTML5 effort and our own spec to address PRG concerns in Javascript.
cheers,
harry
[1] http://www.matasano.com/articles/javascript-cryptography/
[2] http://wiki.whatwg.org/wiki/Crypto
[3] https://bugzilla.mozilla.org/show_bug.cgi?id=440046
Received on Monday, 20 August 2012 13:46:34 UTC