Descrizione
First laboratory for the Computer Network Security (CNS) course at Tor Vergata during scholar year 2022-2023.
In the laboratory we introduced the idea behind Pseudo-Random-Number-Generators (PRNGs) and we have analyzed two specific types of PRNGs, the “The Middle Square Method” and the “Linear Congruential Generator”, abbreviated as LCG. We have defined the main equations defining an LCG, and we have seen how to discover all the parameters of a given LCG starting from a sequence of outputs.
In terms of practical application, we have seen that the C standard library implements various types of PRNGs, and among these (at least up until glibc version 2.36) we also find a version of LCG with specific fixed parameters.
Timestamps
00:00:00 Introduction
00:04:30 What is randomness?
00:13:38 What is Pseudo-Randomness?
00:25:38 A First PRNG: Middle Square method
00:31:55 A Second PRNG: Linear Congruential Generator
00:38:19 LCG in rand() libc
00:42:05 How to break LCG
01:05:30 Why the attack fails sometimes
01:09:00 Towards Next Lecture
01:11:46 Extra: Debugging rand()
Riferimenti / Materiale
https://github.com/LeonardoE95/yt-it/tree/main/src/2022-10-05-università-teaching-2022-2023-cns-01
https://teaching.leonardotamiano.xyz/cns/labs/lab_01_prng_1/