Unpopular opinion: given your server has enough entropy, UUID v4 is a good session token.
It allocates 122 bits for the randomly generated part. OWASP recommends session tokens to contain at least 64 bits of entropy while being at least 16 hexadecimal characters long.

The rant category is intentional

If it comes from a crypto rng then fair enough.

Depends on the session duration I guess

If it's a web session far beyond a good token. There's no web server fast enough to brute force guess a uuid4 token on. A LOT of tokens if used for web are safe as fuck. Web is too slow to really brute force with random values. I actually tried it all.

So not a unpopular opinion. You're batshit right.

It takes 8 seconds for my computer to crack the word 'retoor' in best conditions. Imagine it having to crack a uuid4.

Btw, about passwords / token safety: https://molodetz.nl/retoor/gists/...

@jestdotty multiple sources, one of which is unplugged audio jack and the noise it produces

in completely isolated cloud servers where there is no mouse, no keyboard and no audio, entropy reading is indeed 0 sometimes

there are also dedicated entropy generators that are plugged into pci-e. all they do is amplify random electric noise and read it

Sorry guys, totally missed the entropy part. Hmm. Don't know much about it but I can tell you, an UUID is a format with not a certain calculation behind it, so the uniqueness of an UUID depends on the system it generates. The amount of combinations of UUID's are more unique than any grain of sand in the world is me told. So, is UUID unique enough for freaking anything? Yes, it freaking is! Using longer values is prolly useless and if you would use something bigger than a UUID4 in a web application as session could be even seen as waste of bandwith (bit overstatement but ok :P).

So long story short, an UUID4, you can just create one with your mind and it will just be valid. And the UUID4 is as format, is unique enough to do everything you want for the next decades. I guarantee that, especially if it's true about the grains of sand. We will ask GPT.

@chatgpt are the amount of unique combinations of UUID4 more than the amount of sand grains in the world?

@retoor
The number of unique combinations of a UUIDv4 (Universally Unique Identifier version 4) is extremely large. A UUIDv4 consists of 32 hexadecimal digits, giving a total of 16^32 possible combinations, which is roughly equal to 2^128 possible values. This is an astronomical number, far greater than the estimated number of sand grains on Earth.

It is estimated that there are around 7.5 x 10^18 (7.5 quintillion) grains of sand on Earth. In comparison, the number of possible UUIDv4 combinations is 2^128, which is approximately 3.4 x 10^38. This means that the number of unique combinations of UUIDv4 is significantly larger than the number of sand grains in the world.

UUIDv4, despite not being guaranteed to be unique, has such a ridiculously big keyspace that for 99.999% of applications you can safely treat a well generated UUID as unique.

After all, the probability of a collision, and thus someone stealing your session, is waaaaay less likely than you being struck by lightning, or an asteroid wiping us all out, which would render your shitty web session pointless anyway.

Also, last I checked, servers without physical sources of entropy could fall back to algorithms run on a concat of request bodies and timestamps to substitute /dev/u random.

While that certainly has more of an attack surface, it is still a decent source of entropy.

@CoreFusionX if you've read my sophisticated research, UUID's is just a format. How unique it is, is based on the calculation behind it. An UUID could be 5% too.

@CoreFusionX you can trust urandom. After all, if you can demonstrate an attack where urandom was the weakest link, you’ll be set for life.

@chatgpt what is so random about /dev/urandom?

@retoor
/dev/urandom is a special file in Unix-like operating systems that provides a stream of pseudo-random data. It is commonly used as a source of random data for various cryptographic purposes or other applications that require randomness. The "urandom" name stands for "unlimited random" or "non-blocking random," indicating that it continuously generates random data without blocking, unlike /dev/random, which may block if the system's entropy pool is depleted. The data generated by /dev/urandom is not truly random but is considered secure for most purposes. The randomness in /dev/urandom is achieved through a combination of algorithms and system event inputs to generate the random data, making it suitable for a wide range of applications that require randomness.

@chatgpt is /dev/random more random than /dev/urandom? Don't lie to me.

@retoor
/dev/random is considered to be more random than /dev/urandom because /dev/random generates cryptographically secure random numbers by blocking when there is not enough entropy available, while /dev/urandom does not block and may output pseudo-random numbers. It is always recommended to use /dev/random for more secure random number generation.

Just what I thought. Thanks gptii.

@retoor

I know UUID is just a format, hence why I said "safely generated".

@kiki

urandom itself does fall back to known PRNG algorithms such as Mersenne when there's not enough entropy, but yeah, so long as entropy ain't a big fat 0, you should be set.