Project 1999


r00t 03-14-2014 06:17 PM

linear congruential generators & you
 
the standard gcc library definition for rand() is a simple linear congruential generator

Code:

static unsigned long int next = 1;

int rand(void) // RAND_MAX assumed to be 32767
{
    next = next * 1103515245 + 12345;
    return (unsigned int)(next/65536) % 32768;
}

void srand(unsigned int seed)
{
    next = seed;
}

Quote:

Linear congruential generator should also not be used for cryptographic applications; see cryptographically secure pseudo-random number generator for more suitable generators. If a linear congruential generator is seeded with a character and then iterated once, the result is a simple classical cipher called an affine cipher; this cipher is easily broken by standard frequency analysis.

if you think the embedded devices like your router or printer et al. are using anything fancier you are sadly mistaken

these are your x.509 certificates we're talking about here people
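Why the rand() quoted in this post cannot back key material, as an added example (not code from the thread or its posters): each return value exposes 15 bits of the state and leaves only 16 hidden, so a few observed values pin the state down and every later value follows from it. The helper names and the seed 20140314 are constructed for the illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Only bits 0..30 of `next` can reach rand()'s return value, so the
   generator is tracked modulo 2^31 here. */
#define LCG_MASK 0x7fffffffu

/* One step of the recurrence quoted in the post. */
static uint32_t lcg_step(uint32_t s) { return (s * 1103515245u + 12345u) & LCG_MASK; }

/* What rand() returns for a given state: bits 16..30. */
static int lcg_output(uint32_t s) { return (int)((s >> 16) & 0x7fff); }

/* Outputs of srand(seed) followed by n calls to rand(). */
static void lcg_fill(uint32_t seed, int *out, int n)
{
    uint32_t s = seed & LCG_MASK;
    for (int i = 0; i < n; ++i) {
        s = lcg_step(s);
        out[i] = lcg_output(s);
    }
}

/* Counts the states consistent with n observed outputs by trying all 2^16
   values of the hidden low bits; *next_out gets the forecast of the last match. */
static int predict_next(const int *obs, int n, int *next_out)
{
    int matches = 0;
    for (uint32_t low = 0; low < 65536u; ++low) {
        uint32_t s = ((uint32_t)obs[0] << 16) | low;
        int k = 1;
        while (k < n && lcg_output(s = lcg_step(s)) == obs[k])
            ++k;
        if (k == n) {
            ++matches;
            *next_out = lcg_output(lcg_step(s));
        }
    }
    return matches;
}

int main(void)
{
    int seq[6], guess = -1;
    lcg_fill(20140314u, seq, 6);                /* constructed seed */
    int matches = predict_next(seq, 5, &guess); /* observer sees 5 values */
    printf("states=%d forecast=%d actual=%d\n", matches, guess, seq[5]);
    return 0;
}
```

Values that must stay unpredictable, such as the key material behind the X.509 certificates mentioned above, belong to the operating system's CSPRNG rather than to this function.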

Weyoun the Vorta 03-14-2014 06:18 PM

Shut up

Daldolma 03-14-2014 06:19 PM

wat about ayn though

SamwiseRed 03-14-2014 06:21 PM

im going back to school for computer science, maybe ill understand wtf this is all about soon.

maybe not.

r00t 03-14-2014 06:21 PM

when your "random" number generator uses 12345 as a magic constant..... you "might" have a security vulnerability

http://www.jefffoxworthy.com/uploads...timeline-2.png

r00t 03-14-2014 06:23 PM

Let me see if I can put this in a way y'all can understand. Studying the ramifications of this mathematical function is justification for ninalooting if you lose a /random

Weyoun the Vorta 03-14-2014 06:25 PM

Ninalooting you say.

quido 03-14-2014 06:31 PM

http://en.wikipedia.org/wiki/Mersenne_twister

r00t 03-15-2014 09:05 PM

I implemented mersenne twister in pure C


PHP Code:

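/* Number of 32-bit words of state. A #define is used because a const
   variable is not a valid file-scope array size in C. */
#define MT_STATE_SIZE 624

static unsigned int mt_state[MT_STATE_SIZE] = { 0 };
static unsigned int mt_index = 0;

static const unsigned int SEED_CONST = 0x6c078965;     /* seeding multiplier */
static const unsigned int EXTRACT1_CONST = 0x9d2c5680; /* tempering mask */
static const unsigned int EXTRACT2_CONST = 0xefc60000; /* tempering mask */
static const unsigned int GENERATE_CONST = 0x9908b0df; /* twist constant */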

PHP Code:

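unsigned int mt_rand()
{
    /* Regenerate the whole state array every MT_STATE_SIZE outputs. */
    if (mt_index == 0)
    {
        for (int i = 0; i < MT_STATE_SIZE; ++i)
        {
            /* Top bit of this word joined with the low 31 bits of the next. */
            unsigned int y = (mt_state[i] & 0x80000000)
                + (mt_state[(i + 1) % MT_STATE_SIZE] & 0x7fffffff);

            mt_state[i] = mt_state[(i + 397) % MT_STATE_SIZE] ^ (y >> 1);

            if (y % 2 != 0)
                mt_state[i] ^= GENERATE_CONST;
        }
    }

    /* Unsigned, so the right shifts below do not sign-extend. */
    unsigned int y = mt_state[mt_index];

    /* Tempering of the raw state word. */
    y ^= (y >> 11);
    y ^= (y << 7) & EXTRACT1_CONST;
    y ^= (y << 15) & EXTRACT2_CONST;
    y ^= (y >> 18);

    ++mt_index;
    mt_index %= MT_STATE_SIZE;

    return y;
}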


PHP Code:

void seed_mt_rand(int seed)
{
    mt_index = 0;
    mt_state[0] = seed;

    /* Each word is derived from the one before it. */
    for (unsigned int i = 1; i < MT_STATE_SIZE; ++i)
        mt_state[i] = (SEED_CONST * (mt_state[i - 1] ^ (mt_state[i - 1] >> 30)) + i) & 0xFFFFFFFF;
}


by freely releasing this code I could possibly be breaking a non-compete agreement so yw

Doors 03-15-2014 09:14 PM

?

