Questions tagged [random]

The generation of random or pseudorandom data, and the use of randomness in security protocols

Use this tag for questions about (pseudo)-random number generation and the use of random numbers and random data in security protocols.

380 questions
237 votes, 11 answers

Why is Math.random() not designed to be cryptographically secure?

The JavaScript Math.random() function is designed to return a single IEEE floating point value n such that 0 ≤ n < 1. It is (or at least should be) widely known that the output is not cryptographically secure. Most modern implementations use the…
forest
209 votes, 4 answers

Is a rand from /dev/urandom secure for a login key?

Let's say I want to create a cookie for a user. Would simply generating a 1024-bit string by using /dev/urandom, and checking if it already exists (looping until I get a unique one) suffice? Should I be generating the key based on something else? Is…
Incognito
96 votes, 6 answers

Are GUIDs safe for one-time tokens?

I see a lot of sites use GUIDs for password resets, unsubscribe requests and other forms of unique identification. Presumably they are appealing because they are easy to generate, unique, non-sequential and seem random. But are they safe enough for…
Michael Haren
80 votes, 7 answers

Are random URLs a safe way to protect profile photos?

I would like to move from sequential to random user IDs, so I can host profile photos publicly, i.e. example.com/profilepics/asdf-1234-zxcv-7890.jpg. How long must user IDs be to keep anyone from finding any user photos for which they have not been…
owenfi
80 votes, 3 answers

Is it appropriate to use haveged as a source of entropy on virtual machines?

While looking for solutions to entropy pool depletion on virtual machines, I came across an interesting project called haveged, which is based on the HAVEGE algorithm (HArdware Volatile Entropy Gathering and Expansion). It makes a pretty fantastic…
Nic
71 votes, 5 answers

What makes Random Number Generators so fragile?

It seems to me that a hardware component which generates random numbers is extremely simple - just measure tiny vibrations in the hardware with a sensor, right? Maybe I'm wrong but it seems like if you measured vibrations with very high precision,…
john doe
60 votes, 4 answers

Expert quote on entropy for uncrackable password

Could anyone point to a quote in a published work - or suggest a recognised expert who might provide a quote - which answers the following question: How much entropy in a password would guarantee that it is secure against an offline guessing attack…
Stephen Hewitt
53 votes, 9 answers

Feeding /dev/random entropy pool?

Which way of additionally feeding /dev/random entropy pool would you suggest for producing random passwords? Or, is there maybe a better way to locally create fully random passwords?
tkit
49 votes, 2 answers

Is "real salt" the same as "initialization vectors"?

In the question about real vs. fake salt, the answers describe how real salt 'perturbs the encryption algorithm.' I know roughly how initialization vectors work; is this the same concept, or something different entirely?
Bryan Agee
41 votes, 3 answers

Predicting Math.random() numbers?

I was reading up on the documentation for Math.random() and I found the note: Math.random() does not provide cryptographically secure random numbers. Do not use them for anything related to security. Use the Web Crypto API instead, and more…
Abe Miessler
40 votes, 4 answers

Is generating random numbers using a smartphone camera a good idea?

Forgive my ignorance on the subject, but I wish to know more and asking (stupid) questions is one way. I was reading http://www.random.org/randomness/ and this idea popped into my head (before the bit about lava-lamps). Considering the…
ian
38 votes, 3 answers

How long should a random nonce be?

NIST provides good guidelines on the length of keys and hashes for various algorithms. But I don't see anything specifically on the length of a random or pseudo-random nonce (number used once). If there is a single good answer for a variety of…
nealmcb
36 votes, 3 answers

Cracking a linear congruential generator

I was recently listening to the Security Now podcast, and they mentioned in passing that the linear congruential generator (LCG) is trivial to crack. I use the LCG in a first year stats computing class and thought that cracking it would make a nice…
csgillespie
33 votes, 11 answers

One liner to create passwords in Linux?

How do you create a readable password using bash with one line? What if I'm looking for 128 bits of entropy? EDIT: By readable I mean the 94 printable ASCII characters (without space). It can use less than these characters as long as it has at least…
Andras Gyomrey
32 votes, 2 answers

Is "always use /dev/urandom" still good advice in an age of containers and isolation?

In short: Instead of another question asking about when to use /dev/random instead of /dev/urandom, I present the following scenario, in which I find myself in an application I'm building: A VM or container environment (i.e., a fresh install,…
jMyles