Routinely compute secure data

25

Random functions are not totally random in computation. I would like to know if there is a safe way to safely generate a salt, or any random string, without using external hardware.

Can randomization be achieved without the use of external hardware, for example by using the time it takes for a process to take place? Is not this something intrinsic to the quantum states of the processor materials? If not, theoretically, in the smallest calculable unit of time by a computer, an exact same process is always calculated at the same speed.

    
asked by Weslley C X Sardinha 18.07.2014 at 14:04

3 answers

15

Use external hardware

You cannot generate random numbers without external hardware.

As already indicated in the comments of your answer, you could use either the Lavarand

If you look at sites that offer Really Random services (Random.org or HotBits), they use external hardware to ensure random numbers:

Random.org: uses noise in atmospheric signals (reference).

HotBits: uses radioactive particle decay (reference).

I cannot see why using external hardware, such as the Random.org API, could bring you security issues.

If you insist on not using them:

As you requested (examples in PHP or C++), I'll post below the best way to get pseudo-random numbers in PHP:

<?php
// Seed the Mersenne Twister with the microsecond part of the current time
mt_srand((double)microtime()*1000000);

echo "<b>mt_rand() com mt_srand()</b><br><br>";

// Print five pseudo-random integers between 0 and 100
for($i = 0; $i != 5; $i++)
{
    echo mt_rand(0, 100)."<br><br>";
}
?>

mt_rand() is much better than srand() because it uses the Mersenne Twister, which is probably one of the best pseudo-random number implementations ever.

If you want to compare with other forms in PHP:

<?php

// rand() without seeding
echo "<b>rand() sem srand() (semente/alimentação)</b><br><br>";

for($i = 0; $i != 5; $i++)
{
    echo rand(0, 100)."<br><br>";
}

// rand() seeded with the microsecond part of the current time
srand((double)microtime()*1000000);

echo "<b>rand() com srand()</b><br><br>";

for($i = 0; $i != 5; $i++)
{
    echo rand(0, 100)."<br><br>";
}

// mt_rand() without seeding
echo "<b>mt_rand() sem mt_srand()</b><br><br>";

for($i = 0; $i != 5; $i++)
{
    echo mt_rand(0, 100)."<br><br>";
}

// mt_rand() seeded with the microsecond part of the current time
mt_srand((double)microtime()*1000000);

echo "<b>mt_rand() com mt_srand()</b><br><br>";

for($i = 0; $i != 5; $i++)
{
    echo mt_rand(0, 100)."<br><br>";
}

?>

EDITED:

I found the images of the accepted response somewhat suspicious and decided to take the test:

Random.org

rand()

mt_rand()

The code for this test is in a gist; the experiment was performed with PHP 5.3 and can also run online (without having to install anything on that site).

    
answered by 21.07.2014 / 17:42
15

Before responding directly to your question, I would like to establish some parallels that will help in understanding the answer.

First, evaluate the sequences below and their corresponding formulas:

01010101010101010101010101   f(X) = NOT X
AAAAAAAAAAAAAAAAAAAAAAAAAA   f(X) = "A"
ABCDEFGHIJKLMNOPQRSTUVWXYZ   f(X) = CHAR(ASCII(X) + 1)

Without much work, we have come to the conclusion that the predictability (or deterministic definition) of these sequences is very high - or, conversely, that the entropy is very low.

But what is entropy? It is the measure of chaos in a system. The term was originally meant to describe thermodynamic systems, but the concept is also applicable to other domains - data, for example. When we talk about the generation of random content by computers, we are talking about formulas that generate values that have a distribution similar to that found in a system with high entropy and continuous uniform distribution.

An example of continuous uniform distribution of easy viewing is white noise, where distribution is seemingly impossible to be described with a deterministic formula - but where we can use statistics to describe density. This is a white noise bitmap generated on Random.org:

For comparison, this is the PHP rand() function bitmap as demonstrated by developer Bo Allen in a 2012 post on his personal blog titled Pseudo-random Vs. True random. Notice how easily you detect the generation pattern:

While in nature systems lose order and gain entropy, the reverse occurs in data systems. Whenever you 'generate' random numbers, you are stealing entropy from the system and introducing order.

As an example, let's assume that I have the following random string of letters via Random String Generator from random.org:

Key: JPVPUUWWJAZEEUMLXDVT

Which I use in a simple encryption formula, where I 'add' the variation to the letter A of each position when applying to a letter of my payload in the same position.

Payload                Encrypted content
AAAAAAAAAAAAAAAAAAAA   JPVPUUWWJAZEEUMLXDVT
BBBBBBBBBBBBBBBBBBBB   KQWQVVXXKBAFFVNMYEWU

But note that if my payload is equal to or greater than the key, I have zapped the system entropy. So, assume that I concatenate my key, for the following payload:

AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

My encrypted content would be:

JPVPUUWWJAZEEUMLXDVTJPVPUUWWJAZEEUMLXDVT
                    ^^^^^^

So I can easily detect the replay and predict the rest of the sequence.

From the security point of view, safe random functions are those that periodically recharge with entropy, in order to prevent predictability.

You can reload entropy in several ways; the best source of entropy is the real world. Some examples, which can be used together with a pseudo-random function in the form of seeds:

  • Access Twitter trending topics. Get the last 128 tweets generated. Extract the day and time of each, convert to a byte array.
  • Capture images from 2 or more public webcams around the world. Extract the MD5 from all of them. Convert to a byte array.
  • Let your cat walk on the keyboard. Convert the generated characters to a byte array. (Add a hamster to the system for more data. Prevent abandonment of system scope with a box around all three.)

Each of these examples provides different sample size and sample rate. The more random source data you insert into a hybrid system with a coupled pseudo-random generator, the smaller the pattern detection chances.

The answer, therefore, is no: you need to import entropy from an external system.


edit-disclaimer: Added the reference to the post where the image of the RAND() function was removed.

    
answered by 22.07.2014 at 16:32
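The key-reuse effect described in this answer, as an added example that is not part of the original answer. It assumes PHP 7.1 or later; the function names encrypt and repeatPeriod are made up here for illustration, and the key is the one quoted in the answer.

```php
<?php
// Added example: the letter-addition cipher from the answer (A = 0 ... Z = 25).
const KEY = 'JPVPUUWWJAZEEUMLXDVT'; // the 20-letter key quoted in the answer

// Add the key letter's offset from 'A' to each payload letter, modulo 26.
// The key is repeated ("concatenated") when the payload is longer than it.
function encrypt(string $payload, string $key): string
{
    $out = '';
    for ($i = 0, $n = strlen($payload); $i < $n; $i++) {
        $p = ord($payload[$i]) - ord('A');
        $k = ord($key[$i % strlen($key)]) - ord('A');
        $out .= chr(ord('A') + ($p + $k) % 26);
    }
    return $out;
}

// Smallest shift at which the text repeats itself exactly, or null if none.
function repeatPeriod(string $text): ?int
{
    $n = strlen($text);
    for ($p = 1; $p <= intdiv($n, 2); $p++) {
        if (substr($text, $p) === substr($text, 0, $n - $p)) {
            return $p;
        }
    }
    return null;
}

// The three payloads used in the answer: 20 x A, 20 x B, 40 x A.
$short   = encrypt(str_repeat('A', 20), KEY);
$shifted = encrypt(str_repeat('B', 20), KEY);
$long    = encrypt(str_repeat('A', 40), KEY);

echo "20 x A: $short\n";
echo "20 x B: $shifted\n";
echo "40 x A: $long\n";

// A payload no longer than the key shows no repetition; once the key has to
// be reused, the ciphertext repeats with a period equal to the key length.
echo "period, 20 letters: ", var_export(repeatPeriod($short), true), "\n";
echo "period, 40 letters: ", var_export(repeatPeriod($long), true), "\n";
```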
10

Random data can only be obtained from random processes. Physically, only quantum processes are really random, so there are external devices that generate random data: Geiger counters, reverse polarized PN junctions, etc.

Without using external equipment, you can:

  • Get data from sites that generate random numbers: if you trust these sources and the process they use, you can get these data externally.

  • Use pseudo-random numbers generated on your own computer: the best sources are those of your operating system, as they should have been built following best practices at the time of its construction.

  • In general, if you use the functions / methods / whatever is in your programming language, it will search for those of the operating system. And they will be the best sources available to you.

  • Make your own source: in general, it is very easy to make a mistake and end up generating less random numbers than those obtained by the operating system itself. Unless you suspect / know that your OS numbers are unreliable, which in that case means your problems are worse than just trusting or not trusting the numbers it provides.

[Edited because the question changed]

  

Can randomization be achieved without the use of external hardware, for example using the time it takes for a process to take place?

Yes, the time that a process takes may change, since the processing frequency of a processor can vary with temperature, voltage, etc. But this variation may be extremely small, perhaps imperceptible. Could it be verified by the use of a clock? Yes, it could, with an extremely accurate clock, e.g. an atomic clock or GPS. But this is not "internal" to a computer. A program, running within a computer, does not know how long it took to run, without using an external precision clock.

  

Is not this something that is intrinsic to the quantum states of the processor materials? If not, theoretically, in the smallest calculable unit of time by a computer, an exactly equal process is always calculated at the same speed.

Exactly. If you have a processor running at 3.2GHz and each instruction takes a cycle to run, it means that each instruction will take 0.3125 nanoseconds to execute. If your processor is running at 3.199GHz, each instruction will take 0.3126 nanoseconds. It is not simple to have a clock that can detect this time difference.

    
answered by 21.07.2014 at 18:39
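What this answer's advice to rely on the operating system's source looks like in PHP, next to the microtime-seeded mt_rand() approach from the first answer. This is an added example, not code from any of the answers; it assumes PHP 7.0 or later for random_bytes(), and saltFromSeed and saltFromOs are names made up here.

```php
<?php
// Added example; assumes PHP 7.0+ for random_bytes().

// Salt derived from a seeded mt_rand(): every byte follows from the seed,
// so anyone who knows or guesses the seed obtains the same salt.
function saltFromSeed(int $seed, int $bytes = 16): string
{
    mt_srand($seed);
    $raw = '';
    for ($i = 0; $i < $bytes; $i++) {
        $raw .= chr(mt_rand(0, 255));
    }
    return bin2hex($raw);
}

// Salt taken from the operating system's CSPRNG; no seeding in user code.
function saltFromOs(int $bytes = 16): string
{
    return bin2hex(random_bytes($bytes));
}

// The seed expression from the first answer: the microsecond part of the
// current time, which can only take 1,000,000 different values.
$seed = (int) ((float) microtime() * 1000000);

$first    = saltFromSeed($seed);
$replayed = saltFromSeed($seed); // same seed, generator restarted

echo "seed:          $seed\n";
echo "seeded salt:   $first\n";
echo "replayed salt: $replayed\n";
echo "identical:     ", var_export($first === $replayed, true), "\n";

// Two independent draws from the OS source, for comparison.
echo "OS salt 1:     ", saltFromOs(), "\n";
echo "OS salt 2:     ", saltFromOs(), "\n";
```

For password storage specifically, PHP's password_hash() generates its own salt internally, so no salt needs to be produced by hand.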