Random line: php str_shuffle adds entropy

Question

Random line: php str_shuffle adds entropy

I generate a random string with this:

 $characters = '0123456789QWERTYUIOPASDFGHJKLZXCVBNMqwertyuiopasdfghjklzxcvbnm';  
$cl = strlen($characters) -1;
$id = '';
for ($p = 0; $p < $le; $p++) {N
    $id .= $characters[mt_rand(0, $cl)];
}

Now, if I do str_shuffle($id), it will add entropy, i.e. will make the string more random?

+3

php random

Tero lahtinen Feb 14 '14 at 9:35

source share

2 answers

cooper · Answer 1 · 2014-02-14T09:45:27+0000

No. This is not true.

str_shuffle just gets a random result from your string, so it will give you another random string, but no more entropy.

If you are looking for a more entropy string, you can add special characters to the $ characters variable or get $ le more than it actually is.

Scott Arciszewski · Answer 2 · 2014-02-17T19:41:12+0000

If you need password entropy, can I suggest openssl_random_pseudo_bytes ($ length) or mcrypt_create_iv ($ length)?

binhex() convBase(), PHP base_convert()

Random line: php str_shuffle adds entropy

More articles: