[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index]
[Thread Index]
- Subject: Re: Lua 5.4 random number generator
- From: albertmcchan <albertmcchan@...>
- Date: Fri, 23 Mar 2018 19:59:25 -0400
On Mar 23, 2018, at 6:31 PM, Coda Highland <chighland@gmail.com> wrote:
> On Fri, Mar 23, 2018 at 5:24 PM, Albert Chan <albertmcchan@yahoo.com> wrote:
>> You mean just two math.random(0) (128 bits) can predict the next one ?
>
> No, if you see the least significant bit of 128 consecutive calls to
> math.random, then you can predict the least significant bit of every
> call from there on out.
>
I misunderstood what Ge were saying, but I somehow got it right !
--> two (at most 3) math.random(0) (128 bits) can predict the next one
For math.random(), 3 calls can definitely "crack" xorshift128+
https://blog.securityevaluators.com/hacking-the-javascript-lottery-80cc437e3b7f
Too bad it is not a real lottery :-(
- References:
- Lua 5.4 random number generator, Gé Weijers
- Re: Lua 5.4 random number generator, Roberto Ierusalimschy
- Re: Lua 5.4 random number generator, Gé Weijers
- Re: Lua 5.4 random number generator, Roberto Ierusalimschy
- Re: Lua 5.4 random number generator, Gé Weijers
- Re: Lua 5.4 random number generator, Roberto Ierusalimschy
- Re: Lua 5.4 random number generator, albertmcchan
- Re: Lua 5.4 random number generator, Gé Weijers
- Re: Lua 5.4 random number generator, Albert Chan
- Re: Lua 5.4 random number generator, Coda Highland
