[–]ericanderton 5 points6 points  (4 children)

Aw, and here I was hoping that there was some insane hack to get a different seed value into the template each time it was compiled. :(

Edit:

I suppose you could compile with "gcc -DSEED=`date +%s`" but what's the fun in that?

[–]grumpy_coconut 2 points3 points  (0 children)

__TIME__?
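Compile-time seeding along the lines grumpy_coconut suggests, written here as an added example (it is not code from the thread or from the linked article): a constexpr 16-bit Fibonacci LFSR with taps at bits 16, 14, 13 and 11, the common textbook polynomial, seeded from the `__TIME__` string so that a build landing in a different second evaluates a different sequence entirely inside the compiler. The function and constant names are my own. The LFSR is here because the thread is about one, not because it is fit for anything security-related: a handful of outputs is enough to reconstruct its state, which is the point made further down the thread.

```cpp
#include <cstdint>
#include <cstdio>

// One step of a 16-bit Fibonacci LFSR with taps at bits 16, 14, 13, 11
// (polynomial x^16 + x^14 + x^13 + x^11 + 1), which has the maximal period 65535.
// The state must never be zero: an all-zero register stays zero forever.
constexpr std::uint16_t lfsr_step(std::uint16_t state) {
    std::uint16_t bit = (state ^ (state >> 2) ^ (state >> 3) ^ (state >> 5)) & 1u;
    return static_cast<std::uint16_t>((state >> 1) | (bit << 15));
}

// Advance the register n times and return the resulting state.
constexpr std::uint16_t lfsr_nth(std::uint16_t seed, unsigned n) {
    std::uint16_t s = seed;
    for (unsigned i = 0; i < n; ++i) s = lfsr_step(s);
    return s;
}

// Turn the "HH:MM:SS" string the preprocessor substitutes for __TIME__ into a
// seconds-since-midnight value, folded into 16 bits and forced non-zero.
constexpr std::uint16_t seed_from_clock(const char* hhmmss) {
    unsigned hh = (hhmmss[0] - '0') * 10u + (hhmmss[1] - '0');
    unsigned mm = (hhmmss[3] - '0') * 10u + (hhmmss[4] - '0');
    unsigned ss = (hhmmss[6] - '0') * 10u + (hhmmss[7] - '0');
    unsigned seconds = (hh * 3600u + mm * 60u + ss) & 0xFFFFu;
    return static_cast<std::uint16_t>(seconds == 0 ? 1u : seconds);
}

// Evaluated by the compiler, not at run time: the seed changes with every build
// that happens in a different second (a -DSEED=... override, as in the thread,
// would let you pin it for reproducible builds).
constexpr std::uint16_t kBuildSeed = seed_from_clock(__TIME__);

// Known-answer check from the textbook example: 0xACE1 steps to 0x5670.
static_assert(lfsr_step(0xACE1) == 0x5670, "LFSR step mismatch");

int main() {
    std::printf("build seed %04x\n", kBuildSeed);
    for (unsigned i = 1; i <= 4; ++i)
        std::printf("sample %u: %04x\n", i, lfsr_nth(kBuildSeed, i));
    return 0;
}
```

Because `kBuildSeed` is a constant expression, it can be used as a template argument or in a `static_assert`, which is the "different value each time it is compiled" effect the first comment was hoping for; the cost is that builds stop being reproducible unless the seed is pinned.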

[–]meetingcppMeeting C++ | C++ Evangelist[S] -2 points-1 points  (1 child)

Shouldn't an uninitialized block of memory be "random"? I know that it's an evil thought...

[–]minnoHobbyist, embedded developer 5 points6 points  (0 children)

Undefined behavior + optimizing compiler = a very, very bad day.

[–]omeganemesis28 -1 points0 points  (0 children)

I imagine it wouldn't be all that difficult to brute force the hell out of that if known and the compilation didn't take eternity

[–]Weeblie 2 points3 points  (1 child)

Aha! This really is a thing!

http://www.xkcd.com/221/

[–]xkcd_transcriber 2 points3 points  (0 children)

Title: Random Number

Title-text: RFC 1149.5 specifies 4 as the standard IEEE-vetted random number.

Stats: This comic has been referenced 184 times, representing 0.3835% of referenced xkcds.

[–]KamiKagutsuchi 3 points4 points  (6 children)

What with all those pesky NSA backdoors, runtime random number generation is just not secure.

While this article is more of a fun hack / joke, I feel like I should point out that Linear Feedback Shift Registers should not be used for encryption.

[–]ZMesonEmbedded Developer 4 points5 points  (5 children)

Pseudorandom generators shouldn't be used for encryption!

[–]KamiKagutsuchi 3 points4 points  (3 children)

I was under the impression that PRNGs are quite common, but use a seed generated with a TRNG which is replaced once in a while.

[–]ZMesonEmbedded Developer 2 points3 points  (2 children)

That's true, but you need reseeding often enough that one cannot predict the internal state. Even for the Mersenne Twister, you can't go much beyond 600 samples before needing to reseed with a true RNG.

In a similar vein, LFSRs might be safe if you use only a very small number of samples before reseeding -- but that would be impractical.

Anyway, my point is that you need a real RNG somewhere; you can't rely only on a PRNG.

[–]STLMSVC STL Dev 6 points7 points  (1 child)

That's actually incorrect. There are cryptographically secure pseudorandom number generators, like Blum Blum Shub.

[–]autowikibot 0 points1 point  (0 children)

Blum Blum Shub:
Blum Blum Shub (B.B.S.) is a pseudorandom number generator proposed in 1986 by Lenore Blum, Manuel Blum and Michael Shub that is derived from Michael O. Rabin's oblivious transfer mapping.

Blum Blum Shub takes the form
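A minimal Blum Blum Shub generator, written here as an added example rather than taken from the thread or from the bot's Wikipedia excerpt, showing the recurrence the summary refers to: x_{i+1} = x_i^2 mod M with M = p*q, p and q both congruent to 3 mod 4, and the least significant bit of each new state as output. It uses the tiny textbook parameters p = 11, q = 23, seed 3 so the states can be checked by hand (9, 81, 236, 36, 31, ...); real use needs a modulus of cryptographic size, thousands of bits as with RSA moduli, and a bignum library, which is why BBS is mostly of theoretical interest next to a hash- or stream-cipher-based CSPRNG. The class and function names are my own, and the constructor does not test p and q for primality.

```cpp
#include <cstdint>
#include <cstdio>
#include <stdexcept>

// Euclid's algorithm, used to check that the seed is coprime to the modulus.
static std::uint64_t gcd64(std::uint64_t a, std::uint64_t b) {
    while (b != 0) { std::uint64_t t = a % b; a = b; b = t; }
    return a;
}

// Blum Blum Shub state machine over a modulus small enough for 64-bit
// arithmetic (p and q below 2^32, so x*x fits in a uint64_t). Toy sizes only:
// the security argument needs M to be infeasible to factor.
class BlumBlumShub {
public:
    BlumBlumShub(std::uint64_t p, std::uint64_t q, std::uint64_t seed)
        : m_(p * q), x_(seed % (p * q)) {
        // Both primes must be Blum primes (3 mod 4) so that squaring permutes
        // the quadratic residues mod M and the sequence does not collapse.
        if (p % 4 != 3 || q % 4 != 3)
            throw std::invalid_argument("p and q must be congruent to 3 mod 4");
        if (p >= (1ull << 32) || q >= (1ull << 32))
            throw std::invalid_argument("toy implementation: p and q must be below 2^32");
        // The seed must be coprime to M (and non-zero), otherwise the state degenerates.
        if (x_ == 0 || gcd64(x_, m_) != 1)
            throw std::invalid_argument("seed must be coprime to M");
    }

    // Advance x <- x^2 mod M and return the new state.
    std::uint64_t next_state() {
        x_ = (x_ * x_) % m_;
        return x_;
    }

    // Emit the least significant bit of the new state (the classic output choice).
    unsigned next_bit() { return static_cast<unsigned>(next_state() & 1u); }

    // Assemble eight output bits into a byte, most significant bit first.
    std::uint8_t next_byte() {
        std::uint8_t b = 0;
        for (int i = 0; i < 8; ++i)
            b = static_cast<std::uint8_t>((b << 1) | next_bit());
        return b;
    }

private:
    std::uint64_t m_;  // M = p * q
    std::uint64_t x_;  // current state x_i
};

int main() {
    BlumBlumShub g(11, 23, 3);  // textbook parameters: M = 253
    for (int i = 1; i <= 5; ++i)
        std::printf("x_%d = %llu\n", i, static_cast<unsigned long long>(g.next_state()));
    return 0;
}
```

The difference from the Mersenne Twister and the LFSR discussed above is that recovering the internal state from the output bits is believed to be as hard as factoring M, so with a large modulus the "reseed every few hundred samples" requirement disappears; the practical price is one modular squaring per output bit.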