Calling on community

Discussion in 'Mac Programming' started by italiano40, Aug 12, 2008.

  1. italiano40 macrumors 65816

    italiano40

    Joined:
    Oct 7, 2007
    Location:
    NY
    #1
  2. tedsmith3rd macrumors member

    Joined:
    Aug 30, 2006
    Location:
    US
    #2
    This sounds a little dangerous. If you're looking for random bytes you can get them by reading /dev/random. If you are looking for good entropy to feed something else, you might just want to pull bytes from the random device on a busyish web server. The network interface(s) will give the random number generator a lot to work with.

    You could also utilize a number of good existing libraries for these functions. For example darwin's libc includes the random routine (don't use rand). This guy implemented a bunch of PRNGs in Cocoa: http://www.mactech.com/articles/mactech/Vol.22/22.03/RandomCocoa Python comes with it's own Mersenne Twister PRNG. This python script will get you what you are asking for (from terminal):
    Code:
    #!/usr/bin/python
    import random
    
    # Setting
    lineLimit=1024
    
    # Init
    linesPrinted=0
    random.seed()
    
    while (linesPrinted < lineLimit):
        # 33-127 is the range of pritable ASCII chars
        print chr(random.randrange(33, 127, 1))
        linesPrinted += 1
    Finally, you might want to have a look at APG, it's a well known, secure, well reviewed, multi-platform, free, open source password generator which is available in both standalone and client/server versions. It could use a good iPhone or Cocoa front end.

    I personally got burned once by writing my own cipher with an integral PRNG. It was broken in minutes by a semi-talented cracker. There are a lot of pitfalls and easy mistakes to make when you're working with that stuff, so I try avoid doing it myself these days.
     
  3. italiano40 thread starter macrumors 65816

    italiano40

    Joined:
    Oct 7, 2007
    Location:
    NY
    #3
    my app doesn't use a random numbers, i don't want to say to much but it takes to really low numbers adds them and gets the character from the txt file, then at the end it checks it against your mac's dictionary, so this is a secure and untraceable math
     
  4. sord macrumors 6502

    Joined:
    Jun 16, 2004
    #4
    lol

    I think you need to do a LOT of research in both the fields of mathematics and cryptography (thinking at least 5-10 years worth) before you can say that your application is secure, or has "untraceable math". Also, by the sound of what you are saying, it sounds really easy to break...
     
  5. Cromulent macrumors 603

    Cromulent

    Joined:
    Oct 2, 2006
    Location:
    The Land of Hope and Glory
    #5
    Sounds a bit like where you change letters into numbers and numbers into letters and then do arithmetic on those numbers to make a code.

    Remind me not to store sensitive data using your algorithm :). People dedicate a large part of their life to this subject, it is unlikely that your method would last long at all if someone wanted to break your code.
     
  6. lee1210 macrumors 68040

    lee1210

    Joined:
    Jan 10, 2005
    Location:
    Dallas, TX
    #6
    Are you wanting us to randomly upload text files, so our "randomness" will seed some random number generator?

    I didn't see where you log in to the site you linked, and really didn't know what you are looking for.

    Are you just looking for the ascii characters in a random order? Only printable characters, or all of them? Only 7-bit ascii, or high ascii as well? Can the letters repeat, or is each to only appear once?

    Whatever you're doing with this is, obviously, totally insecure. If this is just a project you are working on as a learning excercise, i'm sure we'll be glad to help. The most important thing you will learn from this, though, is that you aren't Bruce Schneier and anything you design at this point will be easily broken.

    -Lee
     
  7. italiano40 thread starter macrumors 65816

    italiano40

    Joined:
    Oct 7, 2007
    Location:
    NY
    #7
    Incorrect

    actually it does have untraceable math that gets changed on every run of the app

    incorrect, the upload text is actually a test for the app to compare against
     
  8. Cromulent macrumors 603

    Cromulent

    Joined:
    Oct 2, 2006
    Location:
    The Land of Hope and Glory
    #8
    Uh huh. If so, why aren't you making a fortune working for the government then?

    Every code is crackable given enough time. Most cryptographic software just relies on the fact that with present day technology it would takes 1,000s of years (or more) to crack.

    What are you comparing? I'm not sure what you could possibly be comparing against. What correlation are you expecting (or not as the case may be) between the two?
     
  9. lee1210 macrumors 68040

    lee1210

    Joined:
    Jan 10, 2005
    Location:
    Dallas, TX
    #9
    So so far we know you want some text, one character per line, but not what should compose this text.

    You have asserted that your algorithm is likely to last a long time against someone trying to break it.

    You have asserted that there is untraceable math at work.

    When you stated what I posted was incorrect, i'm not sure what part. Perhaps just the first line? That your method is insecure? That I did not see where to log in on the site linked? That you are not Bruce Schneier?

    You didn't answer what types of characters should be included, if repetition is acceptable, etc. You get what you give, i suppose.

    -Lee
     
  10. italiano40 thread starter macrumors 65816

    italiano40

    Joined:
    Oct 7, 2007
    Location:
    NY
    #10
    because this is a side project the password gen is part of a bigger project i am making, so i doing you guys a favor by releasing this software that will be free, but closed source and i also thinking of making a a free framework that you guys could use in your projects

    True, but with many updates, i would try and do my best to keep it as secure as i can

    it is used to test help make the password that the computer makes stronger, it takes to different methods to make this password and a third that just tests the password for a checklist of things
     
  11. italiano40 thread starter macrumors 65816

    italiano40

    Joined:
    Oct 7, 2007
    Location:
    NY
    #11
    any character can be used, anything goes, only one rule one character per line.
    also they are so many things that computer to make this very secure password
     
  12. lee1210 macrumors 68040

    lee1210

    Joined:
    Jan 10, 2005
    Location:
    Dallas, TX
    #12
    I posted a file and post, because I got confused, on the forum on your site... it had every lowercase letter and the numeral. I'm still not sure what you're trying to do/use it for but didn't want to just antagonize, so hopefully that was helpful.

    -Lee
     
  13. italiano40 thread starter macrumors 65816

    italiano40

    Joined:
    Oct 7, 2007
    Location:
    NY
    #13
    thank you, it was very helpful, maybe i am not explaining but i will post when i release it
     
  14. italiano40 thread starter macrumors 65816

    italiano40

    Joined:
    Oct 7, 2007
    Location:
    NY
    #14
    since you wanted it you got it
    here you can download it

    and also you can leave comments and any bugs report them there
     

Share This Page