Re: String Encryption Help
- From: rossum <rossum48@xxxxxxxxxxxx>
- Date: Tue, 24 Apr 2007 13:51:43 +0100
On Mon, 23 Apr 2007 17:49:53 +0100, "j1mb0jay" <jap6@xxxxxxxxxx>
wrote:
Thank you very much for your help dont want to annoy you to much.This does not do what I suspect you want it to. Trace the value of
I have changed the requested... and hopefully this is what you ment.
private int CreateSecureRandomInt()
{
RNGCryptoServiceProvider random = new
RNGCryptoServiceProvider();
byte[] randBytes = new byte[4];
random.GetBytes(randBytes);
int i = (BitConverter.ToInt32(randBytes,0));
randBytes = null;
if (i < 0)
CreateSecureRandomInt();
variable i before and after this statement.
while (i > 10)
{
i = i / 10;
}
return i;
}
I ran some tests on your code as written. The results were not good:
Low values = 4983
0 -> 0
1 -> 2321
2 -> 590
3 -> 264
4 -> 236
5 -> 280
6 -> 274
7 -> 247
8 -> 258
9 -> 271
High values = 276
10000 tests total.
Low values are negative numbers, 0 to 9 are the digits and high values
are ten or more. Your code does not return what you seem to want it
to - a single digit in the range 0 to 9. If you want a digit in the
range 1 to 9 then it is better, but the digits are not picked equally,
1 and 2 are more frequent than they should be.
Fixing your if-statement removes negative numbers:
Low values = 0
0 -> 0
1 -> 4661
2 -> 1209
3 -> 519
4 -> 513
5 -> 515
6 -> 541
7 -> 555
8 -> 505
9 -> 506
High values = 476
10000 tests total.
For a correct distribution, each digit should appear about 1000 times.
Your other problems need a bit more study. One line of attack might
be to avoid using integers, you can just get a single byte in the
range 0 to 255 and derive your single digit from that. Hint: because
10 is not a power of 2 and 256 is, you will need to throw some numbers
away for a correct distribution of results.
My test code is below for reference.
A style point, if your function is intended to return a random digit
then it might be better to call it CreateSecureRandomDigit().
I will work on the rest of the "fixes" over the next few days and will postAll characters can be converted to Base64, you problem is elsewhere.
back.
I tried replacing this ...
tdes.Mode = CipherMode.ECB;
with...
tdes.Mode = CipherMode.CBC;
But it seems to output characters which can not be converted to base64,
Are you setting up an Initialisation Vector (IV), which is needed for
CBC mode? You will also need to transmit the IV with your cyphertext.
rossum
which would mean a big change.
I need to do some more reading.
Once again thanks
Regards JJ (UWA)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Test code:
static void Main() {
int numTests = 10000;
int[] counters = new int[10];
int lowValue = 0;
int highValue = 0;
for (int i = 0; i < numTests; ++i) {
int csri = CreateSecureRandomInt();
if (csri < 0) {
++lowValue;
} else if (csri > 9) {
++highValue;
} else {
++counters[csri];
} // end if
} // end for
Console.WriteLine("Low values = {0}", lowValue);
for (int j = 0; j < 10; ++j) {
Console.WriteLine("{0} -> {1}", j, counters[j]);
} // end for
Console.WriteLine("High values = {0}", highValue);
Console.WriteLine("{0} tests total.", numTests);
Console.Write("Press [Enter] to continue... ");
Console.ReadLine();
} // end Main()
.
- Follow-Ups:
- Re: String Encryption Help
- From: Göran Andersson
- Re: String Encryption Help
- References:
- String Encryption Help
- From: j1mb0jay
- Re: String Encryption Help
- From: rossum
- Re: String Encryption Help
- From: j1mb0jay
- Re: String Encryption Help
- From: rossum
- Re: String Encryption Help
- From: j1mb0jay
- String Encryption Help
- Prev by Date: Re: Destructor not being called - why?
- Next by Date: Re: Why doesn't C# allow incremental compilation like Java?
- Previous by thread: Re: String Encryption Help
- Next by thread: Re: String Encryption Help
- Index(es):
Relevant Pages
|
