A Python TrueRand-Like Script Based On Signals, Alarms, Clocks, Counters, & SHA256

So I was watching some new Defcon videos from some of my favourite speakers (Jeff Moss, Bruce Schneier, Renderman, Dan Kaminsky, Moxie Marlinspike, Joshua Wright, Johnny Long, Charlie Miller, etc.) and Dan mentioned the ability to generate random numbers on a given system with nothing more than a CPU clock type device. I don’t understand it much but I think the basics includes setting an alarm trap signal and setting an infinite loop to increase a counter variable and then using that resulting integer as a source of randomness. You can repeat this process multiple times in a row to generate a larger amount of random data. Here’s my take on it, however, it is *very* slow and most likely mathematically/statistically wrong:

import hashlib
import signal

c = 0; f = 0
r = ""; l = 0
n = 3

def handler(signum, frame):
	global c, f
	global r, l
	global n
	f = 1
	s = str(c); m = len(s)
	if ((m % 2) == 1):
		s = s[1:]; m = len(s)
	#print(c)
	p = (m / 2)
	for x in range(0, p):
		d = ((int(s[x]) + int(s[x + p])) % 10)
		if (d > 7):
			if (int(s[x + p]) > 7):
				continue
			d = int(s[x + p])
		r += str(d); l += n

def srnd(size):
	global c, f
	global r, l
	global n
	signal.signal(signal.SIGALRM, handler)
	o = ""; m = 0
	while (m < size):
		r = ""; l = 0
		while (l < 256):
			signal.alarm(1)
			c = 0; f = 0
			while (f == 0):
				c += 1
			signal.alarm(0)
		print(r)
		h = hashlib.sha256(r).digest()
		for d in h:
			if (m < size):
				o += d; m += 1
	return o

def stoh(inpt):
	h = ""
	for d in inpt:
		a = hex(ord(d))
		a = a[2:]
		if (len(a) < 2):
			a = ("0" + a)
		h += a
	return h

e = stoh(srnd(32))
print(e)
$ python sigrnd.py 
003052717203640343422444177105135642455155135417632775634425154765734347724627720521226
c2638300e80d2fb7ab0230c4a6534191dda4b86b997508ff445adc577a7426c3
Advertisements
A Python TrueRand-Like Script Based On Signals, Alarms, Clocks, Counters, & SHA256

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s