From: avalon@coombs.anu.edu.au (Darren Reed)
To: yanek@novavax.nova.edu (Yanek Martinson)
Message Hash: f6f6b99b5ef5ec0e3bdd67ec7ddac79ff4c3c65124a52a46a18d66871389e043
Message ID: <9212151704.AA15303@coombs.anu.edu.au>
Reply To: <9212151555.AA10507@novavax.nova.edu>
UTC Datetime: 1992-12-15 17:05:15 UTC
Raw Date: Tue, 15 Dec 92 09:05:15 PST
From: avalon@coombs.anu.edu.au (Darren Reed)
Date: Tue, 15 Dec 92 09:05:15 PST
To: yanek@novavax.nova.edu (Yanek Martinson)
Subject: Re: timeofday for randomnessness ?
In-Reply-To: <9212151555.AA10507@novavax.nova.edu>
Message-ID: <9212151704.AA15303@coombs.anu.edu.au>
MIME-Version: 1.0
Content-Type: text/plain
In some email I received from Yanek Martinson, Sie wrote:
>
> > gettimeofday(&tv, NULL);
> > rand = tv.tv_usec + tv.tv_sec;
>
> Someone trying to break your code could find out approximately when
> the number was generated, then they would have a much smaller search
> space to try.
Thats why you change key 'regularly'...even randomly ?
Then they have to 'guess' when you change keys. It might be easy
to tell when an application starts, but how can you tell exactly or
even approximately how long ago someone picked a menu that changed
their key or it was otherwise changed ?
By using the microsecound counted as a random number, its almost
completely random unless you take steps to actually make less so.
But a table of the required million entries and 'init' strings
wouldn't be too hard for todays computers, hence the use of the
time in seconds to 'bump' the offset a bit.
For example, if you use a simple xor table for encoding/decoding,
its pretty easy to decode. If you change the table after it has
been used, every time, then the required time to break the entire
message is significantly larger than it would otherwise have been.
Can anyone do some maths on exactly how long it would take given
a fixed table size (contains random data) ? And also with key/
table changes at a fixed/random interval ?
(seems 1:1 :( but I maybe wrong).
darren
Return to December 1992
Return to “yanek@novavax.nova.edu (Yanek Martinson)”