[prev in list] [next in list] [prev in thread] [next in thread]
List: best-of-security
Subject: BoS: rand-test.c
From: Julian Assange <proff () suburbia ! net>
Date: 1995-11-22 23:40:57
[Download RAW message or body]
/*
* test-rand.c - test the strength of rand()
* Time-stamp: <95/11/02 16:21:31 gildea>
*
* Determines how many unique MIT-MAGIC-COOKIE-1 keys are
* generated by rand() on this system.
*
* Written by Chris Hall, distributed by gildea@x.org
* This program is provided as is, without warranty of any kind.
*/
#include <math.h>
#include <stdio.h>
#include <stdlib.h>
#ifdef RAND48
#define rand lrand48
#define srand srand48
#endif
#ifdef RANDOM
#define rand random
#define srand srandom
#endif
#define MASK 0xff
static int highest_bit = 8*sizeof(int) - 1;
int main()
{
int i, first, second, lb, ub;
/*
** find the lowest bit that matters
*/
for (i = 0; i <= highest_bit; i++) {
srand (0);
first = rand ();
srand (1 << i);
second = rand ();
if ((first & MASK) != (second & MASK)) {
lb = i;
printf ("lower bit = %d\n", i);
break;
}
}
/*
** find the highest bit which matters
*/
for (i = highest_bit; i >= 0; i--) {
srand (0);
first = rand ();
srand (1 << i);
second = rand ();
if ((first & MASK) != (second & MASK)) {
ub = i;
printf ("upper bit = %d\n", i);
break;
}
}
printf ("There are %u possible cookies (%d bits).\n",
1 << (ub - lb + 1),
ub - lb + 1);
if (ub-lb+1 >= 24) {
printf("You have a relatively strong rand() function.\n");
/* but note that any rand() function is only as good as its inputs. */
}
else if (ub-lb+1 >= 16)
printf("You have a medium strength rand() function.\n");
else
printf("You have a weak rand() function.\n");
return 0;
}
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic