0

What is the seed value ?

3rd Feb 2017, 10:01 AM
Esraa
Esraa - avatar
2 Respostas
+ 1
'srand' function is a typical RNG (random number generator) - but it must be understood that the numbers it generates are not completely random. The consecutive numbers generated by any RNG are in fact pseudo-random values i.e. it uses an algorithm that actually outputs values in a deterministic fashion (i.e. always generates the same sequence of numbers). But all RNG algorithms have the property that it it is extremely difficult to correlate the numbers it output to the actual algorithm it uses, as well that, if you look at consecutive numbers being generated, they 'appear' random - and it is this apparent randomness that makes them useful. That means that it is practically impossible to generate a sequence of numbers from an RNG and try to determine the actual algorithm from that. That is why we can consider them to be random from a "practical point of view". But this depends on one crucial fact: you need to 'seed' the RNG to start at a different start value in the algorithm. If you do this you get the sequence from a different (lets call it) "part" of the total sequence of numbers that the RNG will always generate. If you don't do this the sequence of numbers it generates each time is EXACTLY the same (because the starting point is always the same). The fact that this sequence of values seem to be random and uncorrelated means nothing if you can repeat the exact same sequence each time - in the field of cryptography this will be a serious flaw if an attacker knew this to be the case. And there are known cases like this - https://www.rapid7.com/db/vulnerabilities/HTTP-MODS-0002
3rd Feb 2017, 12:37 PM
Ettienne Gilbert
Ettienne Gilbert - avatar
0
thank you very much Ettienne! !!!
3rd Feb 2017, 1:17 PM
Esraa
Esraa - avatar