## PA193 Seminar 07 - RNGs
This notebook contains code for several tasks treated in this seminar. The goal is to construct as secure RNG as possible with the given sources. 

## Task 0: LCG
Run the cell below once. In the cell below, simple LCG generator is defined that returns #numbers of random values. Do not modify the function.

In [4]:
def LCG(s=0, a=1664525, b=1013904223, m=2**32, numbers=1):
    res = []
    for i in range(numbers):
        s = (s*a+b) % m
        res.append(s)
    return res

## Task 1: Find the best parameters of LCG 
LCG generator is defined as $s_{i+1} = a*s_i+b \pmod m$ with fixed $m = 256.$ Experiment with a,b parameters and find the best values. 
- What does it means the best parameters? 
- What is the maximal length of the sequence?

In [5]:
a, b = 0, 0
LCG()

[1013904223]

## Task 2: Next and previous values 
Attacker knows that LCG generated number $s_i$.
 1. How he can compute/find the next value $s_{i+1}$. 
 2. How he can compute/find the pravious random value $s_{i-1}$. 

Can he compute  $s_{i+1}, s_{i-1}$ for very large $m=2^{128} = 340282366920938463463374607431768211456$? 
 3. Find  $s_{i+1}, s_{i-1}$ for $s_i = 21$ and parameters $a, b, m = 7, 5, 2^{128}$

In [11]:
si = None

139894005126213875803355350381218258478

## Task 3: RNG improvements - hash function
 - Use hash function and improve the generator, the output should be again one byte long! 
 - Hash function can be used to protect next or previous values?
 - Check the length of the maximal sequence generated by the improved generator. 


In [14]:
import hashlib
def hash_int2int(i):
    obj = hashlib.md5(bytes(i))
    h = obj.digest()
    h_int = int.from_bytes(h, "big")
    return h_int

hash_int(0)

281949768489412648962353822266799178366

## Task 4: entropy
 - The function `time_resolution` gives certain amount of entropy per call. 
 - Guess the amount of entropy and implement `entropy` that will collect required bits (`req_bits`) of entropy.
 - Think about appropriatte way how to combine more entropy sources together!

In [18]:
from datetime import datetime
import time

def time_resolution(nano=False):
    if nano:
        dt = time.time_ns()
    else:
        dt = datetime.now().microsecond
    return dt

def entropy():
    pass

## Task 5: linux dev/urandom
- Read 100 bytes from the `dev/random` and `dev/urandom`. 
- Which of the files is blocking you? 
- Check how fast the system collects the entropy. Use `for` loop and generate one random byte in each iteration and print the time in seconds. 

In [20]:
with open("/dev/random", 'rb') as f:
    print (repr(f.read(10)))

b'\xd4K\x1a:\x08\x1f\xd2\x8f\xba\x06'
