[Python-ideas] Should our default random number generator be secure?
M.-A. Lemburg
mal at egenix.com
Fri Sep 11 22:44:46 CEST 2015

On 11.09.2015 20:52, Tim Peters wrote:
> [Tim]
>>> ...
>>> 2. If they knew they were targeting MT, and had 624 consecutive 32-bit
>>> outputs, they could compute MT's full internal state essentially
>>> instantly.
>
> [Marc-Andre]
>> How would they do that ? MT's period is too large for
>> things like rainbow tables.
>
> It's not trivial to figure out how to do this, but once you do, it
> works ;-) No search, or tables, of any kind are required. It's just
> simple (albeit non-obvious!) bit-fiddling to invert MT's
> state-to-output transformations to get the state back. Here's a very
> nice writeup:
>
> https://jazzy.id.au/2010/09/22/cracking_random_number_generators_part_3.html

Indeed very nice. Thanks for the pointer.

I wonder why untwister doesn't use this. I gave it 1000 32-bit
integers, so it should have enough information to recover the
seed in a short while, but it's still trying to find the seed.
Oh, and it now shows: 5 days 21 hours left. I stopped it there.

Anyone up for a random.recover_seed() function? ;-)

--
Marc-Andre Lemburg
eGenix.com
Professional Python Services directly from the Source (#1, Sep 11 2015)
>>> Python Projects, Coaching and Consulting ... http://www.egenix.com/
>>> mxODBC Plone/Zope Database Adapter ... http://zope.egenix.com/
>>> mxODBC, mxDateTime, mxTextTools ... http://python.egenix.com/
________________________________________________________________________
2015-09-18: PyCon UK 2015 ... 7 days to go
::::: Try our mxODBC.Connect Python Database Interface for free ! ::::::
eGenix.com Software, Skills and Services GmbH Pastor-Loeh-Str.48
D-40764 Langenfeld, Germany. CEO Dipl.-Math. Marc-Andre Lemburg
Registered at Amtsgericht Duesseldorf: HRB 46611
http://www.egenix.com/company/contact/