possible w.r.t. computationally bounded observer if the PRG is “hard to invert” relative to the observer
What is (Pseudo)-Random? (cont.)
[Figure: a PRG expands a random seed into a pseudorandom string; the pseudorandom string and a random string look indistinguishable to any efficient observer.]
Definition [Blum-Micali-Yao]: PRG is a polytime function whose output is indistinguishable from random by any efficient observer
Attacking Weak PRGs
Find programs with weak PRG
Break-in
Guess the initial seed of a PRG
Guess the state of a PRG
Stompy (session stomper): http://lcamtuf.coredump.cx/stompy.tgz. Seems to be too “optimistic”
“We could not arrest or charge this suspect because technically, no offence was being committed as there was no legislation in place to say that the act being committed was criminal. So, we had to let him go,” said Sergeant Jemesa Lave of the Fiji Police Cyber Crime Unit.
Amazon.com uses a session-id, a 17-digit random number. It is a persistent cookie that expires after 7 days. It is set the first time you reach Amazon. Its value does not change after you log in, nor when you switch users.
Several nice GUI tools to analyze session IDs for common problems (WebScarab, BurpSuite, SPI Cookie Cruncher, Foundstone CookieDigger, etc.)
Test alphabet distribution, average bits changed, FIPS tests, etc.
WebScarab – Predictable Cookies
Entropy is a measure of uncertainty regarding a discrete random variable. For many purposes, the Shannon entropy is the only measure needed. Shannon entropy is defined by Shannon (4.1) has the unit bits.
Not amazon.com
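The checks named above (alphabet distribution, average bits changed, a FIPS test, Shannon entropy) can be run against a sample of your own application's session IDs. The following is an added example, not code from the slides or from any of the tools listed. It assumes 64-bit IDs written as 16 hex characters, uses the FIPS 140-1 monobit bounds, and both sample sets are constructed.

```python
import hashlib
import math
from collections import Counter

ID_BITS = 64  # assumption: IDs are 16 hex characters

def shannon_entropy(symbols):
    """Shannon entropy, in bits, of the empirical distribution of symbols."""
    counts = Counter(symbols)
    n = sum(counts.values())
    return sum(c / n * math.log2(n / c) for c in counts.values())

def position_entropy(ids):
    """Alphabet distribution: entropy of the character at each position."""
    return [shannon_entropy(column) for column in zip(*ids)]

def avg_bits_changed(ids):
    """Mean number of bits that differ between consecutive IDs."""
    values = [int(i, 16) for i in ids]
    flips = [bin(a ^ b).count("1") for a, b in zip(values, values[1:])]
    return sum(flips) / len(flips)

def monobit_ones(ids):
    """Count of 1 bits in the first 20,000 bits of the concatenated IDs."""
    bits = "".join(format(int(i, 16), f"0{ID_BITS}b") for i in ids)[:20000]
    if len(bits) < 20000:
        raise ValueError("monobit test needs at least 20,000 bits")
    return bits.count("1")

def monobit_pass(ids):
    """FIPS 140-1 monobit test: 9,654 < ones < 10,346."""
    return 9654 < monobit_ones(ids) < 10346

def report(name, ids):
    ent = position_entropy(ids)
    print(f"{name}: min per-position entropy {min(ent):.2f} bits, "
          f"avg bits changed {avg_bits_changed(ids):.1f}/{ID_BITS}, "
          f"monobit {'pass' if monobit_pass(ids) else 'FAIL'}")

# Constructed samples (not captured from any site).
# WEAK: time-like prefix plus a counter. STRONG: SHA-256 output, used as a
# reproducible stand-in for IDs drawn from a CSPRNG.
WEAK = [f"{0x5F3A1C00 + i // 50:08x}{i:08x}" for i in range(400)]
STRONG = [hashlib.sha256(b"sample-%d" % i).hexdigest()[:16] for i in range(400)]

if __name__ == "__main__":
    report("weak", WEAK)
    report("strong", STRONG)
```

Passing these checks does not show that a generator is unpredictable; they only catch gross structure such as constant positions, counters and heavy bit bias.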