Safer Code – Secure Coding In C \ C++ And More..

Subscribe To Our Feed | Follow Us On Twitter | Get Updates on Email

Everyone must have used rand() sometime or the other while writing C code. The problem with rand() in most of the platforms is that it is easy to predict the output. Being based on unsigned int, it is just a simple function using a seed which is always the last randomly generated some number. This seed is not very tough to guess for an advanced hacker. once this seed is guessed,, any password or information based on random number generation can be easilt cracked and maligned.

following code is abridged code of rand() function implementation referenced from the book The C programming Language written by Brian Kernighan and Dennis Ritchie

unsigned long int next = 1;
int rand(void)
{
    next = next * 1103515245 + 12345;
    return (unsigned int)(next / 65536) % 32768;
}

This type of function is generally called linear congruential function. As you can notice yourself, that these type of linear congruential functions are very much predictable and are not recommended for security sensitive applications. If you look at the above given code, it is obvious that if the underlying environment does not change, then the random number generation can easily be guessed as it will generate same random number on running the application again and again.

Any type of good random number generator should adhere to three basic properties:

1. Generate evenly distributed numbers
2. The generated number should be unpredictable
3. It should use a long cycle of range of numbers

Linear congruential functions just suffice the first property but fail miserably in the other two, thus, making themselves unusable for secure random number generation.In the early era of internet, people have used the rand() function, and hackers have exploited it at leisure.

To Solve this problem, most of the platforms support Cryptographic Random Numbers these days. For example, CryptGenRandom is provided by almost all the Windows platforms. These type of Cryptographic Random numbers are completely random as the seed used in them is also unknown to the programmer. It is completely random because it uses the system properties(system entropy) to generate the seed, which is then hashed used a hashing algorithm like SHA-1/MD4/MD5 etc. This implementation is completely platform dependent. For example: quite a few parameters used by Windows platforms are like

1. Current Process ID
2. Current Thread ID
3. GetLocalTime()
4. CPU counters
5. Allocated Process Memmory at initial time
6. Page Fault count
7. etc etc etc….

Due to these large number of parameters and then, applying the hashing algorithms, the seed becomes almost random and unpredictable, thus, making it next to impossible to be decrypted.

Crypt Random Numbers and algorithms are part of FIPS (Federal Information Processing Standard) standard. The above mentioned function is a part of FIPS 186-2 standard.

Talking about Cryptographic Random numbers is a fairly vast topic and I would like to continue in my next post.

© Safer Code | Predicting the rand() and using Cryptographic Random Numbers

Liked this post? Get FREE Updates Subscribe to RSS feed Or Enter Your E-mail ID below

Related posts

• And So It Begins… (0)
• All Input is Evil (3)
• Using Enum Pattern in Java < 1.5 (1)
• Improper Variable Initialization (0)
• “De-Bugging” Code before Check-in (0)

Tags: C, Concepts, CryptGenRandom, Cryptography, Efficiency, rand, Random Numbers, Security, security holes

This entry was posted on Tuesday, February 10th, 2009 at 9:38 pm and is filed under C/C++, General, Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.