Mixing
Using IPv6 as seed + time almost as good as TRNG?
Clash Royale CLAN TAG#URR8PPP
up vote
1
down vote
favorite
I just figured out a way to create a RNG that may be almost as good as TRNG (true random number generator) and need some input to confirm/clarify.
What if I use the IPv6 address of a visitor as a seed + the time recorded when the visitor executes a particular action at my website to generate the random numbers?
IPv6 has about 340 trillion trillion trillion possible addresses.
And I increase the strength by repeating the same process with a 2nd visitor and do some logic between 1st visitor's RNG and 2nd visitor's RNG to arrive at a new RNG (say "1st New").
And I continue with the same process on 3rd visitor and do some logic between 3rd visitor's RNG and "1st New" to arrive at another new RNG (say "2nd New").
And I continue with the same on subsequent visitors until a certain duration is reached, to arrive at a final RNG (say "Final New").
Is this "Final New" almost as good as TRNG?
Or is it at least as good as CSPRNG?
For a hacker to successfully brute force my RNG, he needs to know the specific IP addresses of my visitors, at certain time period when a particular (unknown) action is executed, per each different visitor, for a duration of time, and the logic used in computing the RNG from one visitor with the next.
randomness
edited 3 hours ago
SEJPM♦
27.4k451130
asked 4 hours ago
Dorky
243
New contributor
Dorky is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |Â
up vote
1
down vote
favorite
I just figured out a way to create a RNG that may be almost as good as TRNG (true random number generator) and need some input to confirm/clarify.
What if I use the IPv6 address of a visitor as a seed + the time recorded when the visitor executes a particular action at my website to generate the random numbers?
IPv6 has about 340 trillion trillion trillion possible addresses.
And I increase the strength by repeating the same process with a 2nd visitor and do some logic between 1st visitor's RNG and 2nd visitor's RNG to arrive at a new RNG (say "1st New").
And I continue with the same process on 3rd visitor and do some logic between 3rd visitor's RNG and "1st New" to arrive at another new RNG (say "2nd New").
And I continue with the same on subsequent visitors until a certain duration is reached, to arrive at a final RNG (say "Final New").
Is this "Final New" almost as good as TRNG?
Or is it at least as good as CSPRNG?
For a hacker to successfully brute force my RNG, he needs to know the specific IP addresses of my visitors, at certain time period when a particular (unknown) action is executed, per each different visitor, for a duration of time, and the logic used in computing the RNG from one visitor with the next.
randomness
edited 3 hours ago
SEJPM♦
27.4k451130
asked 4 hours ago
Dorky
243
New contributor
Dorky is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
If you're looking for a non dedicated hardware TRNG, investigate haveged. It kinda builds upon internal system timings somewhat like your access times.
– Paul Uszak
1 hour ago
add a comment |Â
up vote
1
down vote
favorite
up vote
1
down vote
favorite
I just figured out a way to create a RNG that may be almost as good as TRNG (true random number generator) and need some input to confirm/clarify.
What if I use the IPv6 address of a visitor as a seed + the time recorded when the visitor executes a particular action at my website to generate the random numbers?
IPv6 has about 340 trillion trillion trillion possible addresses.
And I increase the strength by repeating the same process with a 2nd visitor and do some logic between 1st visitor's RNG and 2nd visitor's RNG to arrive at a new RNG (say "1st New").
And I continue with the same process on 3rd visitor and do some logic between 3rd visitor's RNG and "1st New" to arrive at another new RNG (say "2nd New").
And I continue with the same on subsequent visitors until a certain duration is reached, to arrive at a final RNG (say "Final New").
Is this "Final New" almost as good as TRNG?
Or is it at least as good as CSPRNG?
For a hacker to successfully brute force my RNG, he needs to know the specific IP addresses of my visitors, at certain time period when a particular (unknown) action is executed, per each different visitor, for a duration of time, and the logic used in computing the RNG from one visitor with the next.
randomness
edited 3 hours ago
SEJPM♦
27.4k451130
asked 4 hours ago
Dorky
243
New contributor
Dorky is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
I just figured out a way to create a RNG that may be almost as good as TRNG (true random number generator) and need some input to confirm/clarify.
What if I use the IPv6 address of a visitor as a seed + the time recorded when the visitor executes a particular action at my website to generate the random numbers?
IPv6 has about 340 trillion trillion trillion possible addresses.
And I increase the strength by repeating the same process with a 2nd visitor and do some logic between 1st visitor's RNG and 2nd visitor's RNG to arrive at a new RNG (say "1st New").
And I continue with the same process on 3rd visitor and do some logic between 3rd visitor's RNG and "1st New" to arrive at another new RNG (say "2nd New").
And I continue with the same on subsequent visitors until a certain duration is reached, to arrive at a final RNG (say "Final New").
Is this "Final New" almost as good as TRNG?
Or is it at least as good as CSPRNG?
For a hacker to successfully brute force my RNG, he needs to know the specific IP addresses of my visitors, at certain time period when a particular (unknown) action is executed, per each different visitor, for a duration of time, and the logic used in computing the RNG from one visitor with the next.
randomness
randomness
edited 3 hours ago
SEJPM♦
27.4k451130
asked 4 hours ago
Dorky
243
New contributor
Dorky is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited 3 hours ago
SEJPM♦
27.4k451130
asked 4 hours ago
Dorky
243
New contributor
Dorky is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited 3 hours ago
SEJPM♦
27.4k451130
edited 3 hours ago
SEJPM♦
27.4k451130
edited 3 hours ago
SEJPM♦
27.4k451130
27.4k451130
asked 4 hours ago
Dorky
243
New contributor
Dorky is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 4 hours ago
Dorky
243
asked 4 hours ago
Dorky
243
243
New contributor
Dorky is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
Dorky is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Dorky is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
If you're looking for a non dedicated hardware TRNG, investigate haveged. It kinda builds upon internal system timings somewhat like your access times.
– Paul Uszak
1 hour ago
add a comment |Â
If you're looking for a non dedicated hardware TRNG, investigate haveged. It kinda builds upon internal system timings somewhat like your access times.
– Paul Uszak
1 hour ago
If you're looking for a non dedicated hardware TRNG, investigate haveged. It kinda builds upon internal system timings somewhat like your access times.
– Paul Uszak
1 hour ago
If you're looking for a non dedicated hardware TRNG, investigate haveged. It kinda builds upon internal system timings somewhat like your access times.
– Paul Uszak
1 hour ago
add a comment |Â
1 Answer
1
active
oldest
votes
up vote
5
down vote
Is this "Final New" almost as good as TRNG [or CSPRNG]?
Assuming proper cryptographic techniques for entropy combination (eg Fortuna or at least hashing) are used for the combination of the "RNGs" the answer is no. If this kind of processing is not used, then the answer is an even bigger NO.
The reason here is relatively simple, the combination of IPv6 adress paired with the timing of the visit isn't actually a secret only known to you. Whoever hosts your VPS / your physical machine / provides you with internet connectivity or provides your ISP with internet connectivity can collect the very data you are considering random. And in cryptography the job of a TRNG / CSPRNG is to provide unpredictable random bytes, which is clearly violated here, because some or more of your network / system operators can predict the "random" bytes.
Additionally, while there are indeed $2^128$ IPv6 adresses, only a tiny fraction of these are used by actual end-users, so they're indeed not as unpredictable as assumed. Also because IPv6 has such a vast adress space, end-users tend to get static adresses (unlike with IPv4 where they are actually dynamic quite often) and so if you have a standard set of users, their IPv6 adresses won't give all that much unpredictability.
However, if you really want to use this idea, you can still measure this data (the IP + time pair and maybe also do this for IPv4?) and feed it to your operating system as additional entropy / seed data, which can't hurt security due to the way this data is used by the OS.
edited 1 hour ago
Maarten Bodewes
50.4k669184
answered 2 hours ago
SEJPM♦
27.4k451130
add a comment |Â
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
5
down vote
Is this "Final New" almost as good as TRNG [or CSPRNG]?
Assuming proper cryptographic techniques for entropy combination (eg Fortuna or at least hashing) are used for the combination of the "RNGs" the answer is no. If this kind of processing is not used, then the answer is an even bigger NO.
The reason here is relatively simple, the combination of IPv6 adress paired with the timing of the visit isn't actually a secret only known to you. Whoever hosts your VPS / your physical machine / provides you with internet connectivity or provides your ISP with internet connectivity can collect the very data you are considering random. And in cryptography the job of a TRNG / CSPRNG is to provide unpredictable random bytes, which is clearly violated here, because some or more of your network / system operators can predict the "random" bytes.
Additionally, while there are indeed $2^128$ IPv6 adresses, only a tiny fraction of these are used by actual end-users, so they're indeed not as unpredictable as assumed. Also because IPv6 has such a vast adress space, end-users tend to get static adresses (unlike with IPv4 where they are actually dynamic quite often) and so if you have a standard set of users, their IPv6 adresses won't give all that much unpredictability.
However, if you really want to use this idea, you can still measure this data (the IP + time pair and maybe also do this for IPv4?) and feed it to your operating system as additional entropy / seed data, which can't hurt security due to the way this data is used by the OS.
edited 1 hour ago
Maarten Bodewes
50.4k669184
answered 2 hours ago
SEJPM♦
27.4k451130
add a comment |Â
up vote
5
down vote
Is this "Final New" almost as good as TRNG [or CSPRNG]?
Assuming proper cryptographic techniques for entropy combination (eg Fortuna or at least hashing) are used for the combination of the "RNGs" the answer is no. If this kind of processing is not used, then the answer is an even bigger NO.
The reason here is relatively simple, the combination of IPv6 adress paired with the timing of the visit isn't actually a secret only known to you. Whoever hosts your VPS / your physical machine / provides you with internet connectivity or provides your ISP with internet connectivity can collect the very data you are considering random. And in cryptography the job of a TRNG / CSPRNG is to provide unpredictable random bytes, which is clearly violated here, because some or more of your network / system operators can predict the "random" bytes.
Additionally, while there are indeed $2^128$ IPv6 adresses, only a tiny fraction of these are used by actual end-users, so they're indeed not as unpredictable as assumed. Also because IPv6 has such a vast adress space, end-users tend to get static adresses (unlike with IPv4 where they are actually dynamic quite often) and so if you have a standard set of users, their IPv6 adresses won't give all that much unpredictability.
However, if you really want to use this idea, you can still measure this data (the IP + time pair and maybe also do this for IPv4?) and feed it to your operating system as additional entropy / seed data, which can't hurt security due to the way this data is used by the OS.
edited 1 hour ago
Maarten Bodewes
50.4k669184
answered 2 hours ago
SEJPM♦
27.4k451130
add a comment |Â
up vote
5
down vote
up vote
5
down vote
Is this "Final New" almost as good as TRNG [or CSPRNG]?
Assuming proper cryptographic techniques for entropy combination (eg Fortuna or at least hashing) are used for the combination of the "RNGs" the answer is no. If this kind of processing is not used, then the answer is an even bigger NO.
The reason here is relatively simple, the combination of IPv6 adress paired with the timing of the visit isn't actually a secret only known to you. Whoever hosts your VPS / your physical machine / provides you with internet connectivity or provides your ISP with internet connectivity can collect the very data you are considering random. And in cryptography the job of a TRNG / CSPRNG is to provide unpredictable random bytes, which is clearly violated here, because some or more of your network / system operators can predict the "random" bytes.
Additionally, while there are indeed $2^128$ IPv6 adresses, only a tiny fraction of these are used by actual end-users, so they're indeed not as unpredictable as assumed. Also because IPv6 has such a vast adress space, end-users tend to get static adresses (unlike with IPv4 where they are actually dynamic quite often) and so if you have a standard set of users, their IPv6 adresses won't give all that much unpredictability.
However, if you really want to use this idea, you can still measure this data (the IP + time pair and maybe also do this for IPv4?) and feed it to your operating system as additional entropy / seed data, which can't hurt security due to the way this data is used by the OS.
edited 1 hour ago
Maarten Bodewes
50.4k669184
answered 2 hours ago
SEJPM♦
27.4k451130
Is this "Final New" almost as good as TRNG [or CSPRNG]?
Assuming proper cryptographic techniques for entropy combination (eg Fortuna or at least hashing) are used for the combination of the "RNGs" the answer is no. If this kind of processing is not used, then the answer is an even bigger NO.
The reason here is relatively simple, the combination of IPv6 adress paired with the timing of the visit isn't actually a secret only known to you. Whoever hosts your VPS / your physical machine / provides you with internet connectivity or provides your ISP with internet connectivity can collect the very data you are considering random. And in cryptography the job of a TRNG / CSPRNG is to provide unpredictable random bytes, which is clearly violated here, because some or more of your network / system operators can predict the "random" bytes.
Additionally, while there are indeed $2^128$ IPv6 adresses, only a tiny fraction of these are used by actual end-users, so they're indeed not as unpredictable as assumed. Also because IPv6 has such a vast adress space, end-users tend to get static adresses (unlike with IPv4 where they are actually dynamic quite often) and so if you have a standard set of users, their IPv6 adresses won't give all that much unpredictability.
However, if you really want to use this idea, you can still measure this data (the IP + time pair and maybe also do this for IPv4?) and feed it to your operating system as additional entropy / seed data, which can't hurt security due to the way this data is used by the OS.
edited 1 hour ago
Maarten Bodewes
50.4k669184
answered 2 hours ago
SEJPM♦
27.4k451130
edited 1 hour ago
Maarten Bodewes
50.4k669184
edited 1 hour ago
Maarten Bodewes
50.4k669184
edited 1 hour ago
Maarten Bodewes
50.4k669184
50.4k669184
answered 2 hours ago
SEJPM♦
27.4k451130
answered 2 hours ago
SEJPM♦
27.4k451130
answered 2 hours ago
SEJPM♦
27.4k451130
27.4k451130
add a comment |Â
add a comment |Â
Dorky is a new contributor. Be nice, and check out our Code of Conduct.
Dorky is a new contributor. Be nice, and check out our Code of Conduct.
Dorky is a new contributor. Be nice, and check out our Code of Conduct.
Dorky is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcrypto.stackexchange.com%2fquestions%2f63460%2fusing-ipv6-as-seed-time-almost-as-good-as-trng%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
If you're looking for a non dedicated hardware TRNG, investigate haveged. It kinda builds upon internal system timings somewhat like your access times.
– Paul Uszak
1 hour ago