| Re: How to generate cryptographically-secure random big-integers? [message #170219 is a reply to message #170213] |
Wed, 20 October 2010 10:00  |
Adam Harvey
Messages: 25
Registered: September 2010
Karma:
|
Junior Member |
|
|
On Tue, 19 Oct 2010 23:57:08 -0700, Robert Maas, http://tinyurl.com/uh3t
wrote:
> I need to generate a random integer uniformly distributed from 0 to
>
165704257009980305087908956205223296585688096305918417966291411066008093135 190411324365527113804568013399264982255120906812142560021321323875432044092 494966970218269418334085525290028472777766273110227504712320
> The following code:
> srand(time());
> $random = (rand()%9); ...etc...
> :is no good because time returns 1287555603 currently, and it would be
> relatively easy for somebody who has access to my source code to try all
> possible values for the time seed, a 10-digit integer, and thus crack my
> cryptosystem. I'm doing personal research to try to find something that
> is truly random for two hundred and ten independently random
> cryptographically secure digits. My current idea is to call the
> microsecond-time function a moderately large number of times in
> succession, subtract adacent values (result usually 4, often 5, rarely
> any other value), build a Markovian model for the sequence, and then
> apply interval refinement directly to the interval where I want the
> value until the length of the interval is small enough to specify a
> single integer. But before I go to a lot of effort to develop this idea,
> maybe one of you has an idea for some method somebody else already did
> that I could use instead?
It requires 5.3 and OpenSSL, but the openssl_random_pseudo_bytes() seems
like it would do pretty much what you want.
Adam
|
|
|
|
Calendar
Search
Help
Members
Register
Login
Home
]