swordfish --- a password generator
Post 302081450 by Perderabo on Tuesday 25th of July 2006 11:19:23 AM
I will post a new copy of swordfish making these changes:
Code:
In the weak_start_tigershark function: the line in green is new.

function weak_start_tigershark
{
        typeset -i  i final duration
        ((final=SECONDS+2))

        while((SECONDS < final)) ; do
                i=$RANDOM
        done

        ((Carry=0))
        ((X0=$$))
        ((X1=RANDOM))
        ((X2=RANDOM))
        ((X3=RANDOM))
        ((DEBUG)) && echo weakstart X3=$X3 X2=$X2 X1=$X1 X0=$X0 Carry=$Carry
        Sum=0
        ((Stigershark=Stigershark+1))
        return 0
}


In the Main section: The lines in red go away:

if [[ $Entropy = $ZeroEntropy ]] ; then
                echo "********************************" >&2
                echo "*                              *" >&2
                echo "*  Warning:  Entropy is zero!  *" >&2
                echo "*                              *" >&2
                echo "********************************" >&2
                echo generating weak entropy... >&2
                weak_start_tigershark
                status_tigershark
                entropy_generator 1 array
                echo  Entropy = ${Entropy}
                NeedMoreEntropy=1
fi

It is too early in the program to call status_tigershark since linecount has not been initialized and also it is sending unsolicited output to stdout. And that "echo Entropy" should have been directed to stderr as well. The remaining error message should be enough to call attention to the fact that swordfish is not operating in an optimum manner. And the user can always turn on debug mode for more output.

Yes, my intent is that swordfish be invoked always in the same directory. swordfish maintains an entropy file which is random data used to initialize the internal random number generator. But the first time the random number generator is called, there won't be an entropy file. So swordfish will initialize the RNG from /dev/urandom or /dev/random. If neither of those is available then swordfish is stuck with no decent source of initial random numbers. So it invokes the internal ksh RANDOM routine to get a few random numbers and it uses its current PID for one more random number. It first spends a couple of seconds burning off some of KSH's random numbers so it is not as bad as it might otherwise be. But it still complains about the situation. This is what is happening to you. Even HP-UX finally implemented /dev/random in 11.23. What OS are you using without a /dev/random?

If you really want to call swordfish from arbitrary directories, you could change the line:
ENTROPYFILE=swordfish.ent
to be an absolute path to your entropy file. But remember, if other people can read your entropy file, they might be able to predict the passwords it will generate.
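The seed-source fallback and the entropy-file caveat from the post above, sketched as an added example (not part of the original post and not swordfish's own code). The function names, the order in which the two devices are tried, and the 64-byte file size are assumptions made for illustration.

```shell
# Added example: hypothetical helpers, not taken from swordfish.

# Report which seed source would be used: an existing entropy file first,
# then a kernel random device, and only then the weak RANDOM/PID fallback.
# $1 = entropy file, $2/$3 = device paths (overridable so this can be tested).
choose_seed_source() {
    if [ -s "$1" ] && [ -r "$1" ]; then
        echo file
    elif [ -r "${2:-/dev/urandom}" ]; then
        echo urandom
    elif [ -r "${3:-/dev/random}" ]; then
        echo random
    else
        echo weak        # the case that triggers the "Entropy is zero" warning
    fi
}

# Create the entropy file readable and writable by its owner only.
# The subshell keeps the umask change from leaking into the caller.
# $1 = entropy file, $2 = source device (assumed default /dev/urandom).
create_entropy_file() {
    ( umask 077 && dd if="${2:-/dev/urandom}" of="$1" bs=64 count=1 2>/dev/null )
}

# Return 0 only if no group or other permission bits are set on the file,
# 1 if anyone else has access, 2 if it is not a regular file.
entropy_file_is_private() {
    [ -f "$1" ] || return 2
    # Characters 5-10 of the ls mode string are the group and other bits.
    case $(ls -ld -- "$1" | cut -c5-10) in
        ------) return 0 ;;
        *)      return 1 ;;
    esac
}

# Demo in a throwaway directory (constructed path standing in for an
# absolute ENTROPYFILE setting).
demo_dir=$(mktemp -d)
ENTROPYFILE=$demo_dir/swordfish.ent
choose_seed_source "$ENTROPYFILE"        # no file yet: a device or "weak"
create_entropy_file "$ENTROPYFILE" \
    && entropy_file_is_private "$ENTROPYFILE" \
    && choose_seed_source "$ENTROPYFILE" # now "file"
rm -rf "$demo_dir"
```

Running entropy_file_is_private against an absolute ENTROPYFILE before each use catches a file whose mode was loosened after creation.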
 

random(7D)                          Devices                          random(7D)

NAME
       random, urandom - Strong random number generator device

SYNOPSIS
       /dev/random
       /dev/urandom

DESCRIPTION
       The /dev/random and /dev/urandom files are special files that are a source for random bytes generated by the kernel random number generator device. The /dev/random and /dev/urandom files are suitable for applications requiring high quality random numbers for cryptographic purposes.

       The generator device produces random numbers from data and devices available to the kernel and estimates the amount of randomness (or "entropy") collected from these sources. The entropy level determines the amount of high quality random numbers that are produced at a given time.

       Applications retrieve random bytes by reading /dev/random or /dev/urandom. The /dev/random interface returns random bytes only when sufficient amount of entropy has been collected. If there is no entropy to produce the requested number of bytes, /dev/random blocks until more entropy can be obtained. Non-blocking I/O mode can be used to disable the blocking behavior. The /dev/random interface also supports poll(2). Note that using poll(2) will not increase the speed at which random numbers can be read.

       Bytes retrieved from /dev/random provide the highest quality random numbers produced by the generator, and can be used to generate long term keys and other high value keying material.

       The /dev/urandom interface returns bytes regardless of the amount of entropy available. It does not block on a read request due to lack of entropy. While bytes produced by the /dev/urandom interface are of lower quality than bytes produced by /dev/random, they are nonetheless suitable for less demanding and shorter term cryptographic uses such as short term session keys, paddings, and challenge strings.

       Data can be written to /dev/random and /dev/urandom. Data written to either special file is added to the generator's internal state. Data that is difficult to predict by other users may contribute randomness to the generator state and help improve the quality of future generated random numbers.

       /dev/random collects entropy from providers that are registered with the kernel-level cryptographic framework and implement random number generation routines. The cryptoadm(1M) utility allows an administrator to configure which providers will be used with /dev/random.

ERRORS
       EAGAIN    O_NDELAY or O_NONBLOCK was set and no random bytes are available for reading from /dev/random.

       EINTR     A signal was caught while reading and no data was transferred.

       ENOXIO    open(2) request failed on /dev/random because no entropy provider is available.

FILES
       /dev/random
       /dev/urandom

ATTRIBUTES
       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |       ATTRIBUTE TYPE        |       ATTRIBUTE VALUE       |
       +-----------------------------+-----------------------------+
       |Availability                 |SUNWcsr                      |
       |Interface Stability          |Evolving                     |
       +-----------------------------+-----------------------------+

SEE ALSO
       cryptoadm(1M), open(2), poll(2), attributes(5)

NOTES
       /dev/random can be configured to use only the hardware-based providers registered with the kernel-level cryptographic framework by disabling the software-based provider using cryptoadm(1M). You can also use cryptoadm(1M) to obtain the name of the software-based provider.

       Because no entropy is available, disabling all randomness providers causes read(2) and poll(2) on /dev/random to block indefinitely and results in a warning message being logged and displayed on the system console. However, read(2) and poll(2) on /dev/urandom continue to work in this case.

       An implementation of the /dev/random and /dev/urandom kernel-based random number generator first appeared in Linux 1.3.30.

       A /dev/random interface for Solaris first appeared as part of the CryptoRand implementation.

SunOS 5.11                          1 Sep 2008                          random(7D)