10-08-2004
Yes I will certainly not abandon interactive mode. Non-interactive mode will be in addition to interactive mode. In addition to gathering entropy from the user, I like to present the user with many passwords. Then the user can pick one that seems easy to remember or whatever.
And cryptographic strength in a random number generator does not mean that any encryption is happening. Take a look at my primary random number generator:
code:--------------------------------------------------------------------------------
#! /usr/bin/ksh
bc |&
typeset -Z16 Smaster_mwcrng
Smaster_mwcrng=0
Cmaster_mwcrng=0
Xmaster_mwcrng=0
function master_mwcrng {
print -p "999999*$Xmaster_mwcrng+$Cmaster_mwcrng"
read -p Smaster_mwcrng
Cmaster_mwcrng=${Smaster_mwcrng%????????}
Xmaster_mwcrng=${Smaster_mwcrng##????????*(0)}
[[ -z $Xmaster_mwcrng ]] && Xmaster_mwcrng=0
}
echo S=$Smaster_mwcrng C=$Cmaster_mwcrng X=$Xmaster_mwcrng
print -n "Enter a seed - "
read Xmaster_mwcrng
i=0
while ((i<30)) ; do
((i=i+1))
master_mwcrng
echo S=$Smaster_mwcrng C=$Cmaster_mwcrng X=$Xmaster_mwcrng
done
exit 0
S=0000000000000000 C=0 X=0
Enter a seed - 27
S=0000000026999973 C=00000000 X=26999973
S=0026999946000027 C=00269999 X=46000027
S=0045999981269972 C=00459999 X=81269972
S=0081269891190027 C=00812698 X=91190027
S=0091189936622671 C=00911899 X=36622671
S=0036622635289228 C=00366226 X=35289228
S=0035289193076998 C=00352891 X=93076998
S=0093076905275893 C=00930769 X=5275893
S=0005275888654876 C=00052758 X=88654876--------------------------------------------------------------------------------
The X's are random numbers. This generator will pass any random number test you throw at it. But suppose you knew the first three numbers:
26999973
46000027
81269972
You could have a database of the first three numbers for every possible seed. You could look up these three numbers. Now you know that the seed was 27. And so you can predict every other random number that this generator will output. Thus this random number generator is said to be cryptographically weak. A cryptographically strong RNG is unpredictable.
Just for the heck of it, I wanted a cryptographically strong RNG. So what I do is call the main RNG 500 times and load the results into an array. Then when a command is entered, one of 60 auxiliary RNG's is selected based loosely on the SECONDS variable. This RNG generates a number between 0 and 499. That element of the array is returned and the master RNG is called again to replace it. There's a lot more to it...this is the reader's digest version. Suffice it to say that if you give me the first n random numbers that it outputs, I cannot predict n+1. And it's not just that I don't have enough computers. Infinite computing resources still would not do it. I would also need to know what commands you are entering and the value of the system clock each time that you press return. In addition the automatic stuff that happens, there are user commands to restart the RNG's, scramble the arrays, etc.
In a command line driven version, I will have to select one auxiliary RNG and go with that. No it won't be as secure. The output will be just as good. The danger would come from an evil Perderabo on the system while the password generator is running. He *might* be able to to acquire enough information to guess the generated password.
9 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hello Friends,
I have a problem with install.can u tell me how can I install a programm?I use AIX(IBM) system.
And how can i access cd-rom?I can't mounted,coz i am not Root.(can u tell me another Command /way)?
Thanks all. (1 Reply)
Discussion started by: Christianto
1 Replies
2. UNIX for Dummies Questions & Answers
Hello Friends,
I have a problem with install.Can u tell me,how can i install a program?I am not a Root.n i use AIX(IBM) system.n how can i access a cdrom?I have been tried it,but didn't work.I can'n mounted(can u tell me another way or Command)?
thanks all. (3 Replies)
Discussion started by: Christianto
3 Replies
3. UNIX for Dummies Questions & Answers
Okee problems...!!
What is happening: Unix server with some programms, workstations are windows 2000, the workstations work good but when you start a programm on the Unix server the CPU of the workstations go to 100% usage resulting that the system gets very slow. The programm well its running so... (2 Replies)
Discussion started by: zerocool
2 Replies
4. Programming
Dear Export,
I want to begin an serial-communication application codes associated with TTY devices. But I don't know what key settings should be concerned after opening a TTY device file under UNIX plarform(SunOS 5.7)?
Could you give me some adivce? Thanks! (8 Replies)
Discussion started by: WayneYang
8 Replies
5. Programming
I have the programm, that says to STDERR(not to STDOUT!): "hello world!" and this programm is compiled and I have no sources.
When I try to open this programm in another using C:
=======================================
FILE *pp = popen("hello_to_stderr.exe", "r");
int c;
string a;
... (2 Replies)
Discussion started by: shalmoo
2 Replies
6. Shell Programming and Scripting
Hi,
How to embeded programme within perl programme.
Shankarao (2 Replies)
Discussion started by: shankarao
2 Replies
7. Shell Programming and Scripting
Problem with links programm.
Hi!
I write sctipt for aytomatic checking into IE stas.html ->
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8"/>
<script type="text/javascript" src="newdata.submit()"></script>
</head>
<body... (1 Reply)
Discussion started by: beckss
1 Replies
8. Shell Programming and Scripting
Hi guys,
i am new to shell can u please explain how to get those two outputs
in temp1
i have i/p like
abcd
edk
lkg
jkl
loop
i need o/p
abcd *********
edk**********
lkg ***********
jkl ***********
loop************
need o/p
abcd
*************** (2 Replies)
Discussion started by: ashokkrishna063
2 Replies
9. Shell Programming and Scripting
Hello
Any Unix programm can help me to solve thsi issue:
I have 2 venn digrams please checke the attached file for pictures of venn diagram for eg red is A yellow is B and green is C..Please see attached file for Venn diagrams
In one .....
I have 3 data set A , B and C
Venn diagram... (0 Replies)
Discussion started by: manigrover
0 Replies
LEARN ABOUT FREEBSD
casperd
CASPERD(8) BSD System Manager's Manual CASPERD(8)
NAME
casperd -- Capability Services friendly daemon
SYNOPSIS
casperd [-Fhv] [-D servconfdir] [-P pidfile] [-S sockpath] [-Fhv] [-D servconfdir] [-P pidfile] [-S sockpath]
DESCRIPTION
The casperd daemon hosts various services that can be accessed through libcapsicum's capabilities by programs running in sandboxes. For
example it is prohibited to send UDP packets to arbitrary destinations when operating in capability mode, which makes DNS resolution impossi-
ble. To make it possible the casperd daemon provides the system.dns service that proxies DNS resolution requests through a dedicated, non-
sandboxed process provided by casperd.
The casperd daemon can be started with the following command line arguments:
-D servconfdir Specify alternative location of the service configuration directory. The default location is /etc/casper/.
-F Start the casperd daemon in the foreground. By default casperd starts in the background.
-h Print the casperd usage message.
-P pidfile Specify alternative location of a file where main process PID will be stored. The default location is /var/run/casperd.pid.
-S sockpath Specify alternative location of the unix(4) domain socket used to connect to the casperd daemon. The default location is
/var/run/casper.
-v Print or log verbose/debugging information. This option can be specified multiple times to raise the verbosity level.
FILES
/etc/casper/ The configuration directory for casperd services.
/var/run/casper unix(4) domain socket used to connect to the casperd daemon.
/var/run/casperd.pid The default location of the casperd PID file.
EXIT STATUS
The casperd daemon exits 0 on success, and >0 if an error occurs.
SEE ALSO
cap_enter(2), libcapsicum(3), pidfile(3), capsicum(4), unix(4)
AUTHORS
The casperd was implemented by Pawel Jakub Dawidek <pawel@dawidek.net> under sponsorship from the FreeBSD Foundation.
BSD
October 26, 2013 BSD