README-JUDGES.txt
The submission folder contains a single Go script that is meant to produce random numbers. One good method of producing random numbers is to take a cryptographically secure random number and use it as the seed for a strong hashing algorithm such as SHA256. Hashing the seed produces the first 32 random bytes, and that output also serves as the input to the next SHA256 hash. When the seed is cryptographically secure, this method provides a steady stream of random numbers. However, if the seed is compromised, the stream of random numbers can be reproduced reliably.
The script uses the crypto/rand library to obtain two cryptographically secure random numbers, which are used to produce the seed. The XOR shuffle on the two numbers guarantees that the seed will always be an array of zeros, no matter what key is chosen. Since the seed is static, the same set of numbers is produced every time. To prevent this from being obvious, we choose a random number and complete at least that many iterations of the hash algorithm before we start writing bytes.
If an attacker captures a stream of numbers generated by this PRNG, they can quickly determine where in the stream they are and determine the random bytes that will follow.
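
An added example, not the submission's script: a Go model of the construction described above, with a check a reviewer can run over captured generator output to see that each 32-byte block is the SHA-256 of the one before it. The function names, the 32-byte length of the zero seed and the warm-up counts are assumptions made for illustration.

```go
package main

import (
	"bytes"
	"crypto/sha256"
	"fmt"
)

// chainFromSeed models the generator described above (hypothetical helper):
// hash the seed, run `skip` warm-up iterations, then emit n consecutive
// 32-byte SHA-256 states as output.
func chainFromSeed(seed []byte, skip, n int) []byte {
	state := sha256.Sum256(seed)
	for i := 0; i < skip; i++ {
		state = sha256.Sum256(state[:])
	}
	out := make([]byte, 0, n*sha256.Size)
	for i := 0; i < n; i++ {
		out = append(out, state[:]...)
		state = sha256.Sum256(state[:])
	}
	return out
}

// isBareHashChain reports whether every 32-byte block in stream is the
// SHA-256 of the block before it, i.e. the output exposes the full state.
func isBareHashChain(stream []byte) bool {
	if len(stream) < 2*sha256.Size || len(stream)%sha256.Size != 0 {
		return false
	}
	for off := 0; off+2*sha256.Size <= len(stream); off += sha256.Size {
		next := sha256.Sum256(stream[off : off+sha256.Size])
		if !bytes.Equal(next[:], stream[off+sha256.Size:off+2*sha256.Size]) {
			return false
		}
	}
	return true
}

func main() {
	zeroSeed := make([]byte, 32) // constructed: all-zero seed, length assumed
	a := chainFromSeed(zeroSeed, 5, 4)
	b := chainFromSeed(zeroSeed, 7, 2) // different warm-up, same underlying stream
	fmt.Println("output is a bare hash chain:", isBareHashChain(a))
	fmt.Println("run b is a window of run a:", bytes.Equal(a[64:], b))
}
```

A generator that passes `isBareHashChain` fails review regardless of how its seed was produced, because its output is its own next state.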