
We recently wrote about a security advisory from Cryptocat, an open-source web-based secure messaging project.

Cryptocat’s hacktivist credibility was cemented in 2012 when its Canadian developer, Nadim Kobeissi, was stopped at the US border and interviewed about his Cryptocat-related programming activities. The software enjoyed a surge in popularity as a result, which made last week’s Fourth-of-July vulnerability announcement all the more worrying.

It turned out that the Cryptocat code had for some time contained a number of cryptographic flaws that made it measurably less secure than its users might reasonably have assumed. One of these flaws was found in the heart of Cryptocat’s PRNG (pseudo-random number generator).

PRNGs are a key component of cryptographic software

For the same reason that you don’t use the same password on more than one website, so that one cracked password doesn’t open up your whole online life, Cryptocat generates new keys every time you chat to someone. So, to generate a steady supply of unpredictable, unguessable, one-use encryption keys, Cryptocat needs a steady supply of high-quality random numbers.

With this in mind, I thought it might be interesting, and educational, to drill into one of Cryptocat’s now-patched PRNG bugs.

Cryptocat random numbers, old-style

Cryptocat is written in JavaScript, which represents numbers internally as 8-byte IEEE-754 floating point numbers. Usefully, 8-byte floats allow you to represent integers up to and beyond 32 bits, though annoyingly this numeric range doesn’t extend all the way to 64 bit integers.

For technical reasons, IEEE-754 numbers run out of integer precision at 2^53, which corresponds to nearly, but not quite, 16 decimal digits of precision.

Since Cryptocat’s core PRNG function, Cryptocat.random(), returns a JavaScript number, the coders made sure they extracted all possible variability every time it was called. They constructed a text string representing a random 16-digit (53 bit) decimal number somewhere from 0 to 0.999999999999999 inclusive.

Start building a number (0<=N<1) as a text string

Curiously, the coders generated each random ASCII digit by extracting a random byte from a stream cipher of excellent repute known as Salsa20, and converting that byte into one of the characters from ‘0’ to ‘9’.

But a byte (8 bits) can take on 256 (2^8) different values, and 256 isn’t a multiple of 10. Since they couldn’t divide 256 bytes into 10 equally-sized groups of values, the coders resorted to a trick:

The idea is simple: 250 is evenly divisible by 10, so it’s easy to map the numbers from 1..250 onto the digits 0..9.

And 250 is very close to 256, so by simply throwing away random bytes from 251..255, the problem of indivisibility by 10 is sidestepped.

→ The code above is certainly an inelegant solution, since it is, in theory, at least, a potentially infinite loop. If the randomSalsaByte() function is truly random, there is no mathematical guarantee that it won’t continue to return values above 250 for seconds, or minutes, or months.

The less-than-or-equal-to sign should be a less-than sign. There are 251 different integers such that 0 ≤ X ≤ 250. The programmer meant to specify that 0 ≤ X < 250 or, equivalently, that 0 ≤ X ≤ 249. This is known as a fencepost error, by analogy with the fact that it takes seven fenceposts one metre apart to create a fence six metres long. That’s because you need an extra fencepost at the far end of the sixth section:
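The fencepost error described above can be measured exactly by enumerating all 256 byte values. This is an added example, not Cryptocat's own code: the function names are hypothetical, the byte-to-digit mapping is assumed to be `x % 10`, and `crypto.getRandomValues` stands in for `randomSalsaByte()`.

```javascript
// Stand-in for the article's randomSalsaByte() (assumption: any CSPRNG
// byte source; Cryptocat drew its bytes from a Salsa20 stream).
function randomByte() {
  return globalThis.crypto.getRandomValues(new Uint8Array(1))[0];
}

// Reject-and-retry: draw bytes until one is accepted, then reduce it to a
// decimal digit. Assumption: the reduction is x % 10.
function randomDigit(accept, nextByte = randomByte) {
  for (;;) {
    const x = nextByte();
    if (accept(x)) return x % 10;
  }
}

const buggyAccept = (x) => x <= 250; // 0 <= X <= 250: 251 values, not a multiple of 10
const fixedAccept = (x) => x < 250;  // 0 <= X < 250: 250 values, 25 per digit

// Exact distribution: how many accepted byte values map to each digit.
function digitCounts(accept) {
  const counts = new Array(10).fill(0);
  for (let x = 0; x < 256; x++) {
    if (accept(x)) counts[x % 10]++;
  }
  return counts;
}

// Probability of each digit, given that every accepted byte is equally likely.
function digitProbabilities(accept) {
  const counts = digitCounts(accept);
  const total = counts.reduce((a, b) => a + b, 0);
  return counts.map((c) => c / total);
}

console.log('buggy counts:', digitCounts(buggyAccept).join(' '));
console.log('fixed counts:', digitCounts(fixedAccept).join(' '));
console.log('buggy P(0):  ', digitProbabilities(buggyAccept)[0].toFixed(5));
console.log('fixed P(0):  ', digitProbabilities(fixedAccept)[0].toFixed(5));
```

With the `<=` bound the byte value 250 is accepted and maps to digit 0, so 0 is produced by 26 of the 251 accepted values while every other digit gets 25.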
