Subscribe RSS FeedHow random is your random?
Computers are very deterministic. What that means is that you put something in, you get something out. In order to get computers to perform "randomness", it is very difficult.
Why is this important to understand? Because we want to write our code properly, if we depend on the random function for some security purpose, such as for generating passwords, we are actually putting security holes in our application without realizing it.
Here is a snippet of how to get Cryographically safe random numbers:
In .NET Using RNGCryptoServiceProvider would give you much better random results than just a Random.Next()
However, in order to truly randomize your number, you would have to do something like use data from customer mouse movements, or something wierd like that. Alternatively you can use a hardware random number generator such as the one Intel created that uses thermal noise to generate real random numbers
To realize just how complicated this really is, lets look at this quote from the Pokerstars web site on how they shuffle the cards in their software:
SHUFFLE
"Anyone who considers arithmetic methods of producing random digits is, of course, in a state of sin." – John von Neumann, 1951
We understand that a use of a fair and unpredictable shuffle algorithm is critical to our software. To ensure this and avoid major problems described in [2], we are using two independent sources of truly random data:
* user input, including summary of mouse movements and events timing, collected from client software
* true hardware random number generator developed by Intel [3], which uses thermal noise as an entropy source
* true hardware random number generator developed by Intel [3], which uses thermal noise as an entropy source
Each of these sources itself generates enough entropy to ensure a fair and unpredictable shuffle.
Shuffle Highlights:
Shuffle Highlights:
* A deck of 52 cards can be shuffled in 52! ways. 52! is about 2^225 (to be precise, 80,658,175,170,943,878,571,660,636,856,404,000,000,000,000,000 ways). We use 249 random bits from both entropy sources (user input and thermal noise) to achieve an even and unpredictable statistical distribution.
* Furthermore, we apply conservative rules to enforce the required degree of randomness; for instance, if user input does not generate required amount of entropy, we do not start the next hand until we obtain the required amount of entropy from Intel RNG.
* We use the SHA-1 cryptographic hash algorithm to mix the entropy gathered from both sources to provide an extra level of security
* We also maintain a SHA-1-based pseudo-random generator to provide even more security and protection from user data attacks
* To convert random bit stream to random numbers within a required range without bias, we use a simple and reliable algorithm. For example, if we need a random number in the range 0-25:
o we take 5 random bits and convert them to a random number 0-31
o if this number is greater than 25 we just discard all 5 bits and repeat the process
* This method is not affected by biases related to modulus operation for generation of random numbers that are not 2n, n = 1,2,..
* To perform an actual shuffle, we use another simple and reliable algorithm:
o first we draw a random card from the original deck (1 of 52) and place it in a new deck – now original deck contains 51 cards and the new deck contains 1 card
o then we draw another random card from the original deck (1 of 51) and place it on top of the new deck – now original deck contains 50 cards and the new deck contains 2 cards
o we repeat the process until all cards have moved from the original deck to the new deck
* This algorithm does not suffer from "Bad Distribution Of Shuffles" described in [2]
* Furthermore, we apply conservative rules to enforce the required degree of randomness; for instance, if user input does not generate required amount of entropy, we do not start the next hand until we obtain the required amount of entropy from Intel RNG.
* We use the SHA-1 cryptographic hash algorithm to mix the entropy gathered from both sources to provide an extra level of security
* We also maintain a SHA-1-based pseudo-random generator to provide even more security and protection from user data attacks
* To convert random bit stream to random numbers within a required range without bias, we use a simple and reliable algorithm. For example, if we need a random number in the range 0-25:
o we take 5 random bits and convert them to a random number 0-31
o if this number is greater than 25 we just discard all 5 bits and repeat the process
* This method is not affected by biases related to modulus operation for generation of random numbers that are not 2n, n = 1,2,..
* To perform an actual shuffle, we use another simple and reliable algorithm:
o first we draw a random card from the original deck (1 of 52) and place it in a new deck – now original deck contains 51 cards and the new deck contains 1 card
o then we draw another random card from the original deck (1 of 51) and place it on top of the new deck – now original deck contains 50 cards and the new deck contains 2 cards
o we repeat the process until all cards have moved from the original deck to the new deck
* This algorithm does not suffer from "Bad Distribution Of Shuffles" described in [2]
PokerStars shuffle verified by Cigital and BMM International
PokerStars submitted extensive information about the PokerStars random number generator (RNG) to two independent organizations. We asked these two trusted resources to perform an in-depth analysis of the randomness of the output of the RNG, and its implementation in the shuffling of the cards on PokerStars.
Both independent companies were given full access to the source code and confirmed the randomness and security of our shuffle. Visit Online Poker Random Number Generator for more details.
[2] "How We Learned to Cheat at Online Poker: A Study in Software Security" – http://itmanagement.earthweb.com/entdev/article.php/616221
[3] "The Intel Random Number Generator" – http://www.cryptography.com/resources/whitepapers/IntelRNG.pdf"
[3] "The Intel Random Number Generator" – http://www.cryptography.com/resources/whitepapers/IntelRNG.pdf"
Here is an article about how to shuffle a deck of cards: http://www.codinghorror.com/blog/archives/001008.html?r=31644 and in one of the links it explains a big security hole in their random number generation and how it could have been used to leverage thousands of dollars from players.
Here is a snippet of how to get Cryographically safe random numbers:
This will fill in the 8 bytes with a crytographically strong sequence of random values.
byte[] salt = new byte[8]; RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider(); rng.GetBytes(salt);
How long you waited for what? Subtext?