Random bytes and random int functions
Random is actually a very hard process, human beings may think their random but really we aren’t and computers likewise are not as random. However there are some good algorithms to generate random numbers and strings for encryption or authentication purposes.
Most likely when you create a salt string for encrypting your password’s into the database you need a random salt string todo it. Also random numbers are good, we’ve all seen the captcha on pages and maybe we need a good random number generator for this purpose of authentication. After all we don’t want people to guess our authentication algorithm; instead we could use PHP’s secured random_int function to create a random integer.
The random_int function takes two parameter’s the first parameter is the minimum integer, this is the lowest possible number that could be returned. The second parameter is the highest possible number that could be returned. The job of the random_int function is to come up with a inclusive of or between these two numbers randomly. Take a look…
random_int( 100, 200 );
… Would produce…
Also we have the random_bytes function, this will produce random bytes which is best demonstrated as a string, each character in a string could be a byte for example ‘hello world’ would be 11 bytes including the space. So when we consider random bytes we could consider this function when generating random bytes or characters within a string. Making it perfect for salting and encryption. This function takes one parameter that defines how many random bytes or characters we want in our string. So…
random_bytes( 100 );
… Would produce a string with 100 random characters. This is perfect for salting and encryption or authentication purposes for security.