Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

macOS Calling on community

T

tedsmith3rd

macrumors member
Aug 30, 2006
54
0
US
italiano40 said:
i am creating an password generator / encryption app what i need, a random selection of characters, only one character on line in a txt file
Click to expand...

This sounds a little dangerous. If you're looking for random bytes you can get them by reading /dev/random. If you are looking for good entropy to feed something else, you might just want to pull bytes from the random device on a busyish web server. The network interface(s) will give the random number generator a lot to work with.

You could also utilize a number of good existing libraries for these functions. For example darwin's libc includes the random routine (don't use rand). This guy implemented a bunch of PRNGs in Cocoa: http://www.mactech.com/articles/mactech/Vol.22/22.03/RandomCocoa Python comes with it's own Mersenne Twister PRNG. This python script will get you what you are asking for (from terminal):
Code: 
#!/usr/bin/python
import random

# Setting
lineLimit=1024

# Init
linesPrinted=0
random.seed()

while (linesPrinted < lineLimit):
    # 33-127 is the range of pritable ASCII chars
    print chr(random.randrange(33, 127, 1))
    linesPrinted += 1

Finally, you might want to have a look at APG, it's a well known, secure, well reviewed, multi-platform, free, open source password generator which is available in both standalone and client/server versions. It could use a good iPhone or Cocoa front end.

I personally got burned once by writing my own cipher with an integral PRNG. It was broken in minutes by a semi-talented cracker. There are a lot of pitfalls and easy mistakes to make when you're working with that stuff, so I try avoid doing it myself these days.
 
italiano40

italiano40

macrumors 65816
Original poster
Oct 7, 2007
1,080
0
NY
tedsmith3rd said:
This sounds a little dangerous. If you're looking for random bytes you can get them by reading /dev/random. If you are looking for good entropy to feed something else, you might just want to pull bytes from the random device on a busyish web server. The network interface(s) will give the random number generator a lot to work with.

You could also utilize a number of good existing libraries for these functions. For example darwin's libc includes the random routine (don't use rand). This guy implemented a bunch of PRNGs in Cocoa: http://www.mactech.com/articles/mactech/Vol.22/22.03/RandomCocoa Python comes with it's own Mersenne Twister PRNG. This python script will get you what you are asking for (from terminal):
Code: 
#!/usr/bin/python
import random

# Setting
lineLimit=1024

# Init
linesPrinted=0
random.seed()

while (linesPrinted < lineLimit):
    # 33-127 is the range of pritable ASCII chars
    print chr(random.randrange(33, 127, 1))
    linesPrinted += 1

Finally, you might want to have a look at APG, it's a well known, secure, well reviewed, multi-platform, free, open source password generator which is available in both standalone and client/server versions. It could use a good iPhone or Cocoa front end.

I personally got burned once by writing my own cipher with an integral PRNG. It was broken in minutes by a semi-talented cracker. There are a lot of pitfalls and easy mistakes to make when you're working with that stuff, so I try avoid doing it myself these days.
Click to expand...

my app doesn't use a random numbers, i don't want to say to much but it takes to really low numbers adds them and gets the character from the txt file, then at the end it checks it against your mac's dictionary, so this is a secure and untraceable math
 
S

sord

macrumors 6502
Jun 16, 2004
352
0
italiano40 said:
i don't want to say to much
Click to expand...
lol

italiano40 said:
it takes to really low numbers adds them and gets the character from the txt file, then at the end it checks it against your mac's dictionary, so this is a secure and untraceable math
Click to expand...
I think you need to do a LOT of research in both the fields of mathematics and cryptography (thinking at least 5-10 years worth) before you can say that your application is secure, or has "untraceable math". Also, by the sound of what you are saying, it sounds really easy to break...
 
Cromulent

Cromulent

macrumors 604
Oct 2, 2006
6,802
1,096
The Land of Hope and Glory
sord said:
I think you need to do a LOT of research in both the fields of mathematics and cryptography (thinking at least 5-10 years worth) before you can say that your application is secure, or has "untraceable math". Also, by the sound of what you are saying, it sounds really easy to break...
Click to expand...

Sounds a bit like where you change letters into numbers and numbers into letters and then do arithmetic on those numbers to make a code.

italiano40 said:
my app doesn't use a random numbers, i don't want to say to much but it takes to really low numbers adds them and gets the character from the txt file, then at the end it checks it against your mac's dictionary, so this is a secure and untraceable math
Click to expand...

Remind me not to store sensitive data using your algorithm :). People dedicate a large part of their life to this subject, it is unlikely that your method would last long at all if someone wanted to break your code.
 
lee1210

lee1210

macrumors 68040
Jan 10, 2005
3,182
3
Dallas, TX
Are you wanting us to randomly upload text files, so our "randomness" will seed some random number generator?

I didn't see where you log in to the site you linked, and really didn't know what you are looking for.

Are you just looking for the ascii characters in a random order? Only printable characters, or all of them? Only 7-bit ascii, or high ascii as well? Can the letters repeat, or is each to only appear once?

Whatever you're doing with this is, obviously, totally insecure. If this is just a project you are working on as a learning excercise, i'm sure we'll be glad to help. The most important thing you will learn from this, though, is that you aren't Bruce Schneier and anything you design at this point will be easily broken.

-Lee
 
italiano40

italiano40

macrumors 65816
Original poster
Oct 7, 2007
1,080
0
NY
Cromulent said:
Sounds a bit like where you change letters into numbers and numbers into letters and then do arithmetic on those numbers to make a code.



Remind me not to store sensitive data using your algorithm :). People dedicate a large part of their life to this subject, it is unlikely that your method would last long at all if someone wanted to break your code.
Click to expand...

Incorrect

sord said:
lol


I think you need to do a LOT of research in both the fields of mathematics and cryptography (thinking at least 5-10 years worth) before you can say that your application is secure, or has "untraceable math". Also, by the sound of what you are saying, it sounds really easy to break...
Click to expand...

actually it does have untraceable math that gets changed on every run of the app

lee1210 said:
Are you wanting us to randomly upload text files, so our "randomness" will seed some random number generator?

I didn't see where you log in to the site you linked, and really didn't know what you are looking for.

Are you just looking for the ascii characters in a random order? Only printable characters, or all of them? Only 7-bit ascii, or high ascii as well? Can the letters repeat, or is each to only appear once?

Whatever you're doing with this is, obviously, totally insecure. If this is just a project you are working on as a learning excercise, i'm sure we'll be glad to help. The most important thing you will learn from this, though, is that you aren't Bruce Schneier and anything you design at this point will be easily broken.

-Lee
Click to expand...
incorrect, the upload text is actually a test for the app to compare against
 
Cromulent

Cromulent

macrumors 604
Oct 2, 2006
6,802
1,096
The Land of Hope and Glory
italiano40 said:
Incorrect
Click to expand...

Uh huh. If so, why aren't you making a fortune working for the government then?

italiano40 said:
actually it does have untraceable math that gets changed on every run of the app
Click to expand...

Every code is crackable given enough time. Most cryptographic software just relies on the fact that with present day technology it would takes 1,000s of years (or more) to crack.

italiano40 said:
incorrect, the upload text is actually a test for the app to compare against
Click to expand...

What are you comparing? I'm not sure what you could possibly be comparing against. What correlation are you expecting (or not as the case may be) between the two?
 
lee1210

lee1210

macrumors 68040
Jan 10, 2005
3,182
3
Dallas, TX
italiano40 said:
Incorrect



actually it does have untraceable math that gets changed on every run of the app


incorrect, the upload text is actually a test for the app to compare against
Click to expand...

So so far we know you want some text, one character per line, but not what should compose this text.

You have asserted that your algorithm is likely to last a long time against someone trying to break it.

You have asserted that there is untraceable math at work.

When you stated what I posted was incorrect, i'm not sure what part. Perhaps just the first line? That your method is insecure? That I did not see where to log in on the site linked? That you are not Bruce Schneier?

You didn't answer what types of characters should be included, if repetition is acceptable, etc. You get what you give, i suppose.

-Lee
 
italiano40

italiano40

macrumors 65816
Original poster
Oct 7, 2007
1,080
0
NY
Cromulent said:
Uh huh. If so, why aren't you making a fortune working for the government then?
Click to expand...
because this is a side project the password gen is part of a bigger project i am making, so i doing you guys a favor by releasing this software that will be free, but closed source and i also thinking of making a a free framework that you guys could use in your projects

Cromulent said:
Every code is crackable given enough time. Most cryptographic software just relies on the fact that with present day technology it would takes 1,000s of years (or more) to crack.
Click to expand...
True, but with many updates, i would try and do my best to keep it as secure as i can

Cromulent said:
What are you comparing? I'm not sure what you could possibly be comparing against. What correlation are you expecting (or not as the case may be) between the two?
Click to expand...

it is used to test help make the password that the computer makes stronger, it takes to different methods to make this password and a third that just tests the password for a checklist of things
 
italiano40

italiano40

macrumors 65816
Original poster
Oct 7, 2007
1,080
0
NY
lee1210 said:
So so far we know you want some text, one character per line, but not what should compose this text.

You have asserted that your algorithm is likely to last a long time against someone trying to break it.

You have asserted that there is untraceable math at work.

When you stated what I posted was incorrect, i'm not sure what part. Perhaps just the first line? That your method is insecure? That I did not see where to log in on the site linked? That you are not Bruce Schneier?

You didn't answer what types of characters should be included, if repetition is acceptable, etc. You get what you give, i suppose.

-Lee
Click to expand...

any character can be used, anything goes, only one rule one character per line.
also they are so many things that computer to make this very secure password
 
lee1210

lee1210

macrumors 68040
Jan 10, 2005
3,182
3
Dallas, TX
I posted a file and post, because I got confused, on the forum on your site... it had every lowercase letter and the numeral. I'm still not sure what you're trying to do/use it for but didn't want to just antagonize, so hopefully that was helpful.

-Lee
 
italiano40

italiano40

macrumors 65816
Original poster
Oct 7, 2007
1,080
0
NY
thank you, it was very helpful, maybe i am not explaining but i will post when i release it
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom