Since: May 25, 2006 Posts: 295
(Msg. 31) Posted: Thu Dec 27, 2007 1:07 pm
Post subject: Re: Skybuck's Racing Random Number Generator
Archived from groups: alt>comp>lang>borland-delphi, others
A random number generator which can only produce one "truly" random number
is pretty useless.
Many "truly" random numbers are needed for preventing attacks from
attackers.
System Time api is limited to 32 bits last time I checked unless one uses
the high performance timers/etc.
The hashing is irrelevant.
It's just a method to transform the original random number.
The attacker's goal would be to predict the original random number and once
he can do that successfully it's only a matter of taking the number through
the hash a couple of times until a match is found.
The matches can be anything.
Suppose America decides to use the random number generator to bomb the
planet... and they don't want anybody to know where the next bomb will fall
then it is important that the numbers are truly random.
An attacker however knows which last locations were bombed.
So this is what I mean with "matches".
The attacker can use the matches to reverse engineer it.
I can take/guess a time... and then take that time through the hash to see
if it produces one or multiple of these locations.
If it does the attacker might be on to something. He might have found one of
the original times etc.
From that moment on it becomes easier for the attacker to "zoom in" on the
range
The rest is history LOL =D
A difference of 1000 milliseconds is not that much
Just 1000 runs necessary to find a matching hash.
Bye,
Skybuck.

Since: Dec 27, 2007 Posts: 4
(Msg. 32) Posted: Thu Dec 27, 2007 1:07 pm
Post subject: Re: Skybuck's Racing Random Number Generator
Archived from groups: per prev. post
In article <13345$4773a77c$541983fa$8374@cache2.tilbu1.nb.home.nl>,
spam.RemoveThis@hotmail.com says...
> A random number generator which can only produce one "truly" random number
> is pretty useless.
>
> Many "truly" random numbers are needed for preventing attacks from
> attackers.
As you should have been able to tell, he means "one at a time". As he
also described, if you want strings of random numbers, just use the
output of one iteration to seed the next one.
>
> System Time api is limited to 32 bits last time I checked unless one uses
> the high performance timers/etc.
>
> The hashing is irrelevant.
>
> It's just a method to transform the original random number.
Yes, but to something that cannot be used to determine the original one.
This is a standard, and mathematically proven, technique.
>
> The attacker's goal would be to predict the original random number and once
> he can do that successfully it's only a matter of taking the number through
> the hash a couple of times until a match is found.
>
> The matches can be anything.
Yes, but for high security uses, instead of using 32 bits and its
resulting 4 Billion possible results, an equivalent algorithm will use
thousands of bits, and the resulting enormous number of possibilities
make a brute-force approach (which is what you are describing)
impractical. There was never any claim that this algorithm was adequate
for truly high-security needs, but they are adequate for normal everyday
random number generators and routine encryption and obfuscation
needs.
.....
--
Remove the ns_ from if replying by e-mail (but keep posts in the
newsgroups if possible).

Since: May 25, 2006 Posts: 295
(Msg. 33) Posted: Fri Dec 28, 2007 12:31 am
Post subject: Re: Skybuck's Racing Random Number Generator
Archived from groups: per prev. post
> Yes, but for high security uses, instead of using 32 bits and its
> resulting 4 Billion possible results, an equivalent algorithm will use
> thousands of bits, and the resulting enormous number of possibilities
Time is usually in 32 bits or 64 bits not thousands of bits.
The assumption is the attacker has the algorithm as well.
The attacker guesses the input for the hash algorithm. If the attacker
guesses the input for the hash algorithm correctly the resulting hash will
of course be the same, it's as simple as that.
Conclusion: The hash algorithm used is irrelevant if the attacker has it as
well.
The attacker guesses the time, and then proceeds for a certain number of
loops until a match is found, or not then re-guesses T and repeats.
The attacker might not be able to predict the next random number, but the
attacker can guess a certain range of likely numbers.
Not a good property to have for a random number generator especially for any
encryption purposes or so
Bye,
Skybuck.

Since: Dec 01, 2007 Posts: 16
(Msg. 34) Posted: Fri Dec 28, 2007 12:31 am
Post subject: Re: Skybuck's Racing Random Number Generator
Archived from groups: per prev. post
Skybuck Flying wrote:
>> Yes, but for high security uses, instead of using 32 bits and its
>> resulting 4 Billion possible results, an equivalent algorithm will use
>> thousands of bits, and the resulting enormous number of possibilities
>
> Time is usually in 32 bits or 64 bits not thousands of bits.
>
> The assumption is the attacker has the algorithm as well.
>
> The attacker guesses the input for the hash algorithm. If the attacker
> guesses the input for the hash algorithm correctly the resulting hash will
> of course be the same, it's as simple as that.
>
> Conclusion: The hash algorithm used is irrelevant if the attacker has it as
> well.
>
> The attacker guesses the time, and then proceeds for a certain number of
> loops until a match is found, or not then re-guesses T and repeats.
>
> The attacker might not be able to predict the next random number, but the
> attacker can guess a certain range of likely numbers.
>
> Not a good property to have for a random number generator especially for any
> encryption purposes or so
>
> Bye,
> Skybuck.
>
>
you are so lame, you are so out of it
you have no idea what the others are saying - - -
Jim P.

Since: Dec 27, 2007 Posts: 1
(Msg. 35) Posted: Fri Dec 28, 2007 12:31 am
Post subject: Re: Skybuck's Racing Random Number Generator
Archived from groups: per prev. post
"Skybuck Flying" <spam DeleteThis @hotmail.com> wrote in message
news:5a513$4774355a$541983fa$21499@cache1.tilbu1.nb.home.nl...
>> Yes, but for high security uses, instead of using 32 bits and its
>> resulting 4 Billion possible results, an equivalent algorithm will use
>> thousands of bits, and the resulting enormous number of possibilities
>
> Time is usually in 32 bits or 64 bits not thousands of bits.
>
The 64 bit time can be used to prime much larger keys.
Some satellite encryption does this. A message sent ground to ground works
like this:
each ground station independently syncs clocks with the satellite. GSI uses the
64 bit time to seed an encryption key, encrypts a packet, and sends it. The
satellite, using the same time key to seed the encryption key, decodes the
packet and may store it for retransmit. Meanwhile, at each tick of the clock
(specified interval) the new time value feeds a new encryption key and the
process continues. The process is reversed as the message goes to GSOO from
the satellite.
Encryption keys are changed on the order of every 10th of a second, the time
value seeding a 1024 bit key --- or even larger.
This paradigm is virtually unbreakable, the processing power needed to break
that large a key that changes every 2 or 3 packets --- even every packet ---
is enormous --- a 5 mb transmission can require the breaking of as many as
10,000 keys.
> The assumption is the attacker has the algorithm as well.
>
> The attacker guesses the input for the hash algorithm. If the attacker
> guesses the input for the hash algorithm correctly the resulting hash will
> of course be the same, it's as simple as that.
>
> Conclusion: The hash algorithm used is irrelevant if the attacker has it
> as well.
>
> The attacker guesses the time, and then proceeds for a certain number of
> loops until a match is found, or not then re-guesses T and repeats.
>
> The attacker might not be able to predict the next random number, but the
> attacker can guess a certain range of likely numbers.
>
> Not a good property to have for a random number generator especially for
> any encryption purposes or so
>
> Bye,
> Skybuck.
>
>

Since: Dec 27, 2007 Posts: 1
(Msg. 36) Posted: Fri Dec 28, 2007 12:31 am
Post subject: Re: Skybuck's Racing Random Number Generator
Archived from groups: per prev. post

Since: May 25, 2006 Posts: 295
(Msg. 37) Posted: Fri Dec 28, 2007 6:08 am
Post subject: Re: Skybuck's Racing Random Number Generator
Archived from groups: per prev. post
Were these satellites put up there before or after Netscape's encryption was
broken ?
Netscape's web browser SSL encryption or something like that used time as
well, and guess what it was broken/cracked too LOL.
Anyway... the question is:
How are the keys generated based on the 64 bit time value ?
Bye,
Skybuck.

Since: Dec 27, 2007 Posts: 4
(Msg. 38) Posted: Fri Dec 28, 2007 8:23 am
Post subject: Re: Skybuck's Racing Random Number Generator
Archived from groups: per prev. post
In article <5a513$4774355a$541983fa$21499@cache1.tilbu1.nb.home.nl>,
spam RemoveThis @hotmail.com says...
> > Yes, but for high security uses, instead of using 32 bits and its
> > resulting 4 Billion possible results, an equivalent algorithm will use
> > thousands of bits, and the resulting enormous number of possibilities
>
> Time is usually in 32 bits or 64 bits not thousands of bits.
That's why this algorithm is not used for military grade encryption.
> The assumption is the attacker has the algorithm as well.
>
> The attacker guesses the input for the hash algorithm. If the attacker
> guesses the input for the hash algorithm correctly the resulting hash will
> of course be the same, it's as simple as that.
>
> Conclusion: The hash algorithm used is irrelevant if the attacker has it as
> well.
>
> The attacker guesses the time, and then proceeds for a certain number of
> loops until a match is found, or not then re-guesses T and repeats.
>
> The attacker might not be able to predict the next random number, but the
> attacker can guess a certain range of likely numbers.
>
> Not a good property to have for a random number generator especially for any
> encryption purposes or so
It's good enough for everyday use, especially if you use a 64-bit timer.
--
Remove the ns_ from if replying by e-mail (but keep posts in the
newsgroups if possible).

Since: Dec 27, 2007 Posts: 4
(Msg. 39) Posted: Fri Dec 28, 2007 8:25 am
Post subject: Re: Skybuck's Racing Random Number Generator
Archived from groups: per prev. post
In article <c5885$47749c41$541983fa$30023@cache1.tilbu1.nb.home.nl>,
spam.DeleteThis@hotmail.com says...
> Were these satellites put up there before or after Netscape's encryption was
> broken ?
>
> Netscape's web browser SSL encryption or something like that used time as
> well, and guess what it was broken/cracked too LOL.
Yes, but it took a long time to decrypt the information, and if the
information is useless after a few minutes, it's still good enough.
>
> Anyway... the question is:
>
> How are the keys generated based on the 64 bit time value ?
>
> Bye,
> Skybuck.
>
>
>
--
Remove the ns_ from if replying by e-mail (but keep posts in the
newsgroups if possible).

Since: Dec 28, 2007 Posts: 1
(Msg. 40) Posted: Fri Dec 28, 2007 2:56 pm
Post subject: Re: Skybuck's Racing Random Number Generator
Archived from groups: per prev. post
John E. Hadstate <jh113355.DeleteThis@hotmail.com> wrote:
>It seems like it, but you have to think this one through.
I'm aware that I may be missing a joke here, but this type of thing
interests me for various reasons, and I'd like to run my thinking by
someone else.
First, assume that a correct guess for the seed values (starting time
and number of iterations) can be verified at moderate cost.
Second, system time can usually be predicted within (say) half an
hour, which is a 60*60 = 3 600 second range. That is about 12 bits of
entropy. Often, system time can be predicted with much greater precision,
say within a second, which would amount to at most one or two bits
of entropy.
Third, we can place an upper bound on the number of invocations of
SHA-256 within a second of wall clock time. If every invocation takes
1000 clock cycles and modern computers run at 4 GHz, then we have at
most 4 million invocations, giving at most another 22 bits of entropy.
Given more system knowledge (such as CPU speed, exact system time,
average load, etc.), this can be significantly lower.
Conclusion: The output of this generator has between 0 and 34 bits of
entropy, depending on the adversary's knowledge.
PS. Followup-to set.
--
Kristian Gjøsteen
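
An added example, not part of any post in the thread: an audit check that reproduces the entropy bound from Msg. 40 and shows why output derived from a clock value can be traced back to it while OS CSPRNG output cannot. The generator design (SHA-256 over an 8-byte millisecond clock value, re-hashed a number of times), all function names, and the sample timestamp are assumptions constructed for illustration.

```python
import hashlib
import math
import secrets


def sha256(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def time_seeded_output(seed_ms: int, iterations: int) -> bytes:
    """Toy generator (assumed design): hash the clock value, then re-hash."""
    state = sha256(seed_ms.to_bytes(8, "big"))
    for _ in range(iterations):
        state = sha256(state)
    return state


def search_space_bits(time_values: int, iteration_values: int) -> float:
    """Entropy upper bound if both inputs were uniform and independent."""
    return math.log2(time_values) + math.log2(iteration_values)


def recover_seed(observed: bytes, start_ms: int, window_ms: int,
                 max_iterations: int):
    """Audit check: try every (clock value, iteration count) in the window.

    Returns the matching pair, or None when the output does not come from
    any clock value in the window.
    """
    for t in range(start_ms, start_ms + window_ms):
        state = sha256(t.to_bytes(8, "big"))
        for i in range(max_iterations + 1):
            if state == observed:
                return (t, i)
            state = sha256(state)
    return None


# Constructed sample values, not taken from the thread.
WINDOW_START_MS = 1_198_760_820_000  # clock known to within one second
weak = time_seeded_output(WINDOW_START_MS + 637, 17)
strong = secrets.token_bytes(32)     # 256 bits from the OS CSPRNG

if __name__ == "__main__":
    print("bits, msg. 40 figures:", search_space_bits(3600, 4_000_000))
    print("weak:", recover_seed(weak, WINDOW_START_MS, 1000, 50))
    print("strong:", recover_seed(strong, WINDOW_START_MS, 1000, 50))
```

The strength of the hash does not enter into the result: the search cost is set by the number of candidate inputs, which is why the mitigation is to seed from the operating system's entropy source rather than to change the hash.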