Full Discussion: Password Generator
Post 54469 by Perderabo on Saturday 14th of August 2004 09:29:59 PM
Yes, I will certainly not abandon interactive mode. Non-interactive mode will be in addition to interactive mode. In addition to gathering entropy from the user, I like to present the user with many passwords. Then the user can pick one that seems easy to remember or whatever.

And cryptographic strength in a random number generator does not mean that any encryption is happening. Take a look at my primary random number generator:
Code:
#! /usr/bin/ksh

# bc runs as a co-process and does the arithmetic
bc |&

# S is the full 16-digit result, C the carry (high 8 digits), X the output (low 8 digits)
typeset -Z16 Smaster_mwcrng
Smaster_mwcrng=0
Cmaster_mwcrng=0
Xmaster_mwcrng=0

# One step of the generator: S = 999999*X + C, then split S into C and X
function master_mwcrng {
    print -p "999999*$Xmaster_mwcrng+$Cmaster_mwcrng"
    read -p Smaster_mwcrng
    Cmaster_mwcrng=${Smaster_mwcrng%????????}
    # drop the high 8 digits, then any leading zeros
    Xmaster_mwcrng=${Smaster_mwcrng##????????*(0)}
    [[ -z $Xmaster_mwcrng ]] && Xmaster_mwcrng=0
}

echo S=$Smaster_mwcrng C=$Cmaster_mwcrng X=$Xmaster_mwcrng
print -n "Enter a seed - "
read Xmaster_mwcrng

# Run 30 steps, showing the state after each one
i=0
while ((i<30)) ; do
    ((i=i+1))
    master_mwcrng
    echo S=$Smaster_mwcrng C=$Cmaster_mwcrng X=$Xmaster_mwcrng
done

exit 0

S=0000000000000000 C=0 X=0
Enter a seed - 27
S=0000000026999973 C=00000000 X=26999973
S=0026999946000027 C=00269999 X=46000027
S=0045999981269972 C=00459999 X=81269972
S=0081269891190027 C=00812698 X=91190027
S=0091189936622671 C=00911899 X=36622671
S=0036622635289228 C=00366226 X=35289228
S=0035289193076998 C=00352891 X=93076998
S=0093076905275893 C=00930769 X=5275893
S=0005275888654876 C=00052758 X=88654876

The X's are random numbers. This generator will pass any random number test you throw at it. But suppose you knew the first three numbers:
26999973
46000027
81269972
You could have a database of the first three numbers for every possible seed. You could look up these three numbers. Now you know that the seed was 27. And so you can predict every other random number that this generator will output. Thus this random number generator is said to be cryptographically weak. A cryptographically strong RNG is unpredictable.

Just for the heck of it, I wanted a cryptographically strong RNG. So what I do is call the main RNG 500 times and load the results into an array. Then when a command is entered, one of 60 auxiliary RNG's is selected based loosely on the SECONDS variable. This RNG generates a number between 0 and 499. That element of the array is returned and the master RNG is called again to replace it. There's a lot more to it... this is the Reader's Digest version. Suffice it to say that if you give me the first n random numbers that it outputs, I cannot predict n+1. And it's not just that I don't have enough computers. Infinite computing resources still would not do it. I would also need to know what commands you are entering and the value of the system clock each time that you press return. In addition to the automatic stuff that happens, there are user commands to restart the RNG's, scramble the arrays, etc.

In a command line driven version, I will have to select one auxiliary RNG and go with that. No, it won't be as secure. The output will be just as good. The danger would come from an evil Perderabo on the system while the password generator is running. He *might* be able to acquire enough information to guess the generated password.
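The predictability described in the post can be checked against its own sample run. This is an added example, not Perderabo's code, and it goes one step beyond the lookup-table idea: because the multiplier 999999 is smaller than the modulus 10^8, two consecutive outputs determine the carry, so the full state follows without knowing the seed. The function names are this example's own.

```shell
#!/bin/sh
# Added example: state recovery for the generator posted above.
A=999999       # multiplier from the post
M=100000000    # 10^8: X is the low 8 digits of S, C the digits above them

# mwc_step X C: one master_mwcrng step without bc; prints "X' C'".
mwc_step() (
    s=$(( A * $1 + $2 ))
    echo "$(( s % M )) $(( s / M ))"
)

# recover_state X1 X2: X1 and X2 are consecutive outputs, written as plain
# decimals without leading zeros. Prints the state "X2 C2" after X2.
recover_state() (
    x1=$1
    x2=$2
    # X2 = (A*X1 + C1) mod M with 0 <= C1 < A < M, so C1 is unique.
    d=$(( (x2 - A * x1) % M ))      # may be negative in shell arithmetic
    c1=$(( (d + M) % M ))
    if [ "$c1" -ge "$A" ]; then
        echo "not consecutive outputs of this generator" >&2
        exit 1
    fi
    echo "$x2 $(( (A * x1 + c1) / M ))"
)

# predict_next X1 X2 N: prints the N outputs that follow X2.
predict_next() (
    state=$(recover_state "$1" "$2") || exit 1
    n=$3
    out=""
    while [ "$n" -gt 0 ]; do
        state=$(mwc_step $state)    # unquoted on purpose: splits into X and C
        out="$out${out:+ }${state% *}"
        n=$(( n - 1 ))
    done
    echo "$out"
)

# First two outputs of the post's run with seed 27; the rest follows.
predict_next 26999973 46000027 3    # prints 81269972 91190027 36622671
```

The printed values match the X column of the sample run in the post, which is why raw output of a generator like this should not be handed out as password material.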
 

Random(3)                User Contributed Perl Documentation                Random(3)

NAME
       Crypt::OpenSSL::RSA - RSA encoding and decoding, using the openSSL libraries

       Crypt::OpenSSL::Random - Routines for accessing the OpenSSL pseudo-random number generator

SYNOPSIS
         use Crypt::OpenSSL::Random;

         Crypt::OpenSSL::Random::random_seed($good_random_data);
         Crypt::OpenSSL::Random::random_egd("/tmp/entropy");
         Crypt::OpenSSL::Random::random_status() or
           die "Unable to sufficiently seed the random number generator";

         my $ten_good_random_bytes = Crypt::OpenSSL::Random::random_bytes(10);
         my $ten_ok_random_bytes = Crypt::OpenSSL::Random::random_pseudo_bytes(10);

DESCRIPTION
       Crypt::OpenSSL::Random provides the ability to seed and query the OpenSSL library's pseudo-random number generator.

EXPORT
       None by default.

Static Methods
       random_bytes
           This function returns a specified number of cryptographically strong pseudo-random bytes from the PRNG. If the PRNG has not been seeded with enough randomness to ensure an unpredictable byte sequence, then a false value is returned.

       random_pseudo_bytes
           This function is similar to random_bytes, but the resulting sequence of bytes is not necessarily unpredictable. The bytes can be used for non-cryptographic purposes and for certain purposes in cryptographic protocols, but usually not for key generation etc.

       random_seed
           This function seeds the PRNG with a supplied string of bytes. It returns true if the PRNG has sufficient seeding. Note: calling this function with non-random bytes is of limited value at best!

       random_egd
           This function seeds the PRNG with data from the specified entropy gathering daemon. Returns the number of bytes read from the daemon on success, or -1 if not enough bytes were read, or if the connection to the daemon failed.

       random_status
           This function returns true if the PRNG has sufficient seeding.

BUGS
       Because of the internal workings of OpenSSL's random library, the pseudo-random number generator (PRNG) accessed by Crypt::OpenSSL::Random will be different than the one accessed by any other perl module. Hence, to use a module such as Crypt::OpenSSL::Random, you will need to seed the PRNG used there from one used here. This class is still advantageous, however, as it centralizes other methods, such as random_egd, in one place.

AUTHOR
       Ian Robertson, iroberts@cpan.com

SEE ALSO
       perl(1), rand(3), RAND_add(3), RAND_egd(3), RAND_bytes(3).

POD ERRORS
       Hey! The above document had some coding errors, which are explained below:

       Around line 62:
           '=item' outside of any '=over'

       Around line 93:
           You forgot a '=back' before '=head1'

perl v5.18.2                          2007-05-20                          Random(3)