Cryptographic random numbers...

[almurph]

Hi,

Hope you can help me with this one. I am trying to create random
number between 0 and 1 inclusive of cryptographiuc quality.
The problems is though - I don't know how! Here is what I have so far
and I would greatly appreciate any comments/suggestions/code-samples
that you may like to share. Thank you.

Al


**** CODE AS FOLLOWS ****

byte[] random = new byte[2];
RNGCryptoServiceProvider rng = new
RNGCryptoServiceProvider();
rng.GetBytes (random);

return Convert.ToDouble(random[0]);

*** END CODE ***



The prblem with the above is that it produces very large numbers. I
nned numbers between 0 and 1.

 

[Pavel Minaev]

Hi,

        Hope you can help me with this one. I am trying to createrandom
number between 0 and 1 inclusive of cryptographiuc quality.
        The problems is though - I don't know how! Here is what Ihave so far
and I would greatly appreciate any comments/suggestions/code-samples
that you may like to share. Thank you.

Al

**** CODE AS FOLLOWS ****

            byte[] random = new byte[2];
            RNGCryptoServiceProvider rng = new
RNGCryptoServiceProvider();
            rng.GetBytes (random);

            return Convert.ToDouble(random[0]);

*** END CODE ***

        The prblem with the above is that it produces very large numbers. I
nned numbers between 0 and 1.

byte[] random = new byte[8];
RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider();
rng.GetBytes(random);
return (double)BitConverter.ToUInt64(random) / UInt64.Max;

 

[raylopez99]

Hi,

        Hope you can help me with this one. I am trying to createrandom
number between 0 and 1 inclusive of cryptographiuc quality.
        The problems is though - I don't know how! Here is what Ihave so far
and I would greatly appreciate any comments/suggestions/code-samples
that you may like to share. Thank you.

Al

**** CODE AS FOLLOWS ****

            byte[] random = new byte[2];
            RNGCryptoServiceProvider rng = new
RNGCryptoServiceProvider();
            rng.GetBytes (random);

            return Convert.ToDouble(random[0]);

*** END CODE ***

        The prblem with the above is that it produces very large numbers. I
nned numbers between 0 and 1.

What is this class: RNGCryptoServiceProvider? If it's a library
function, just look into the documentation for it.

Another solution: use MSFT's Random() function, and don't worry about
it being of "crypto quality" --for most stuff it's OK, just use the
system clock to reseed it once in a while. Good enough for government
work.

RL

 

[almurph]

Hi,

        Hope you can help me with this one. I am trying to create random
number between 0 and 1 inclusive of cryptographiuc quality.
        The problems is though - I don't know how! Here is whatI have so far
and I would greatly appreciate any comments/suggestions/code-samples
that you may like to share. Thank you.

**** CODE AS FOLLOWS ****

            byte[] random = new byte[2];
            RNGCryptoServiceProvider rng = new
RNGCryptoServiceProvider();
            rng.GetBytes (random);

            return Convert.ToDouble(random[0]);

*** END CODE ***

        The prblem with the above is that it produces very large numbers. I
nned numbers between 0 and 1.

What is this class: RNGCryptoServiceProvider?  If it's a library
function, just look into the documentation for it.

Another solution:  use MSFT's Random() function, and don't worry about
it being of "crypto quality" --for most stuff it's OK, just use the
system clock to reseed it once in a while.  Good enough for government
work.

RL- Hide quoted text -

- Show quoted text -

Thank you both very much for your comments - its working now.
Al.

 

[Pavel Minaev]

Thank you both very much for your comments - its working now.

You didn't say which way you went, so here's a warning: if you do
indeed truly need cryptographic RNG (i.e., because your specification
requires you to, for example, if you're generating salt for
encryption), then you should absolutely not use Random (which is a
class, by the way, not a function) - it is very predictable.

 

[almurph]

You didn't say which way you went, so here's a warning: if you do
indeed truly need cryptographic RNG (i.e., because your specification
requires you to, for example, if you're generating salt for
encryption), then you should absolutely not use Random (which is a
class, by the way, not a function) - it is very predictable.

Sorry I'm using Pavels - it looks like this:

byte[] random = new byte[8];
RNGCryptoServiceProvider rng = new
RNGCryptoServiceProvider();
rng.GetBytes(random);
return (double)BitConverter.ToUInt64(random, 0)/
UInt64.MaxValue ;

Am interested to hear more about this salt...Any examples?

 

[raylopez99]

Absolutely not.  Random is NOT of cryptographic quality and should not
be used for cryptographic purposes.  The requirements for a
cryptographic RNG are very different from a simple PRNG for
simulations, which is what Random is.  See RFC 4056:http://rfc.net/rfc4086.htmlfor more details.

Whatever. Like Linus Torvalds said recently, the security folks have
their pants all tied in a knot over the smallest details. I'm sure
you're right, but if you reseed Random for the most part it gives you
pretty random numbers it seems to me.

And in fact reading the link you sent indicates that Microsoft does
have something that gets seeds from buffer memory something something
and produces near crypto quality randomness, which I guess is what the
OP was talking about: "Microsoft's recommendation to users of the
widely deployed Windows operating system is generally to use the
CryptGenRandom pseudo-random number generation call with the CryptAPI
cryptographic service provider. "

RL

 

[Jon Skeet [C# MVP]]

Whatever. Like Linus Torvalds said recently, the security folks have
their pants all tied in a knot over the smallest details. I'm sure
you're right, but if you reseed Random for the most part it gives you
pretty random numbers it seems to me.

And this is why people who aren't trained in security (including
myself) shouldn't be trusted to come up with secure algorithms.

System.Random *isn't* sufficiently random for security purposes. The OP
explicitly said he wanted a "cryptographic quality" random number
generator - why would you recommend something which goes directly
against what is asked for?

 

[Todd Carnes]

On Jul 17, 5:41 am, "(e-mail address removed)" <[email protected]>
wrote:
[snip]

Another solution: use MSFT's Random() function, and don't worry about
it being of "crypto quality" --for most stuff it's OK, just use the
system clock to reseed it once in a while. Good enough for government
work.

RL

That's not a solution to the question when the OP specifically asks
about cryptographic quality random numbers.

 

[raylopez99]

System.Random *isn't* sufficiently random for security purposes. The OP
explicitly said he wanted a "cryptographic quality" random number
generator - why would you recommend something which goes directly
against what is asked for?

Jon--Because nobody will ever know. If he codes using Random() and
uses a scrambler on his object code, how can you test to see if the
RNG is weak or not? Now I'm sure there's some specialized hardware
out there to do so, but as a practical matter nobody will ever find
out and even care. Worse case somebody finds out and you issue a
patch, and in the meantime have made money from pushing your product
out the door first, before your competitors do.

Rapid coding it's called. You can do a "CASE" analysis, lots of
flowcharting of software architecture using UML and state diagrams,
lots of discussion about program flow, 'best coding' practices for a
"Level 3" organization with a team of PhD programmers, or, you can
just sit down by yourself and by the seat of your pants bash out some
code on your keyboard over a couple of weeks, with the architecture
done on-the-fly and 'in your mind's eye'. Use Bangladore to help you
on modular stuff you can plug in later. Meanwhile you've told your
customers that your alpha code is in final testing and will be shipped
soon--you collect the money, ship the product and use some of the
revenue to issue patches and fix bugs later.

Without mentioning names, that's what Microsoft and other large
organizations have done or allegedly could have done, and if it's good
enough for MSFT, it's good enuf 4 me.

RL

 

[almurph]

Jon--Because nobody will ever know.  If he codes using Random() and
uses a scrambler on his object code, how can you test to see if the
RNG is weak or not?  Now I'm sure there's some specialized hardware
out there to do so, but as a practical matter nobody will ever find
out and even care.  Worse case somebody finds out and you issue a
patch, and in the meantime have made money from pushing your product
out the door first, before your competitors do.

Rapid coding it's called.  You can do a "CASE" analysis, lots of
flowcharting of software architecture using UML and state diagrams,
lots of discussion about program flow, 'best coding' practices for a
"Level 3" organization with a team of PhD programmers, or, you can
just sit down by yourself and by the seat of your pants bash out some
code on your keyboard over a couple of weeks, with the architecture
done on-the-fly and 'in your mind's eye'.  Use Bangladore to help you
on modular stuff you can plug in later.  Meanwhile you've told your
customers that your alpha code is in final testing and will be shipped
soon--you collect the money, ship the product and use some of the
revenue to issue patches and fix bugs later.

Without mentioning names, that's what Microsoft and other large
organizations have done or allegedly could have done, and if it's good
enough for MSFT, it's good enuf 4 me.

RL

On a point of information there is a test for random sequence called
the chi-squared statistic cf.
http://en.wikibooks.org/wiki/Algorithm_implementation/Pseudorandom_Numbers/Chi-Square_Test

 

[Jon Skeet [C# MVP]]

Jon--Because nobody will ever know.  If he codes using Random() and
uses a scrambler on his object code, how can you test to see if the
RNG is weak or not?  Now I'm sure there's some specialized hardware
out there to do so, but as a practical matter nobody will ever find
out and even care.  Worse case somebody finds out and you issue a
patch, and in the meantime have made money from pushing your product
out the door first, before your competitors do.

If the code has reached client machines, they can very easily find out
that he's using System.Random. Ever used Reflector? It not, try it.

Rapid coding it's called.

In this case it's called *sloppy* coding. Deliberately using something
you know to be weak, despite a declared requirement for a
cryptographically strong random number generator is just sloppy -
particularly when the alternative is readily available.

I'm all for agile coding and doing the simplest possible thing that
meets the requirements - but meeting the requirements is the key here.
Using System.Random *doesn't* meet the stated requirements.

Jon

 

[Todd Carnes]

Jon--Because nobody will ever know. If he codes using Random() and
uses a scrambler on his object code, how can you test to see if the
RNG is weak or not? Now I'm sure there's some specialized hardware
out there to do so, but as a practical matter nobody will ever find
out and even care. Worse case somebody finds out and you issue a
patch, and in the meantime have made money from pushing your product
out the door first, before your competitors do.

Highly unethical.

Todd

 

[Todd Carnes]

If the code has reached client machines, they can very easily find out
that he's using System.Random. Ever used Reflector? It not, try it.


In this case it's called *sloppy* coding. Deliberately using something
you know to be weak, despite a declared requirement for a
cryptographically strong random number generator is just sloppy -
particularly when the alternative is readily available.

It's not sloppy, it's lazy and unethical.

Todd