On Thu, 2003-07-10 at 15:35, Paul Hoffman / IMC wrote:
> - Can random.random() run out of randomness? That is, if you bombard the machine with requests that call random.random(), will it start sending out predictable responses?
Any pseudo random number generator can, right?
Some PRNGs have failure modes which become easily predictable. These are almost always triggered when the source of random bits is exhausted. If you ask for too much randomness too quickly, you can start getting predictable data. Well-written PRNGs are smarter than this: they put out not-very-random but very-random-looking values, usually based on "hash of ( the last random value | current time | job number )".
Python 2.2's RNG has 45 bits of randomness, Python 2.3's 53 bits. The latter uses the Mersenne Twister algorithm which I'm told is the state of the art.
Then this is sufficient. And so is 45 bits of randomness.
> - What is the granularity of the server's current time? If it is "seconds", this becomes easily predictable to an attacker. Even if it is "hundredths of seconds", that only means that the attacker has to send one or two hundred attempts for each confirmation. Unless Mailman notes "failed attempt to confirm a subscription", this could be lost in the noise.
Depends on the server OS. We probably only care about *nix systems, but I'm sure there's variability even within that family. On Linux, I believe there is a 1us resolution for time.time() which uses gettimeofday().
As long as your random value has 45 bits of randomness (and none of those bits rely on the time!), then it doesn't matter how predictable your time value is.
> - How many bits of the hash are used? I ask because many programs that use hashes will not use the whole hash.
We use all 160 bits of the sha hash.
Good!
In summary, assuming that the first answer above (about the pseudo-random number generator) is correct and it gives 45 bits of randomness at each invocation, there is no way that an attacker can attack the auto-responder without sending about 35 trillion messages.
--Paul Hoffman, Director
--Internet Mail Consortium
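
The points raised in this message, as an added example that is not part of the original e-mail and is not Mailman's own code: a confirmation token built as a hash of (random value | time) with all 160 bits kept, failed confirmations counted per source so they are not lost in the noise, and the guess count behind the "about 35 trillion" figure. The class, its method names, the 128-bit CSPRNG input and the limits are assumptions made for illustration.

```python
import hashlib
import secrets
import time


class PendingConfirmations:
    """Hypothetical pending-confirmation store (constructed for illustration)."""

    def __init__(self, max_failures=100, ttl=3 * 24 * 3600):
        self.pending = {}    # token -> (address, expiry time)
        self.failures = {}   # source -> number of bad tokens presented
        self.max_failures = max_failures
        self.ttl = ttl

    def issue(self, address, now=None):
        now = time.time() if now is None else now
        # Hash of (random value | time) with all 160 bits kept, as in the thread.
        # Assumption: 128 random bits from the OS CSPRNG; none depend on the time.
        rand = secrets.token_bytes(16)
        token = hashlib.sha1(rand + repr(now).encode()).hexdigest()
        self.pending[token] = (address, now + self.ttl)
        return token

    def confirm(self, token, source, now=None):
        """Return the confirmed address, or None; record each failed attempt."""
        now = time.time() if now is None else now
        if self.failures.get(source, 0) >= self.max_failures:
            return None      # too many bad tokens from this source already
        entry = self.pending.get(token)
        if entry is None or entry[1] < now:
            self.pending.pop(token, None)   # drop an expired entry
            self.failures[source] = self.failures.get(source, 0) + 1
            return None
        del self.pending[token]             # tokens are single use
        return entry[0]

    def noisy_sources(self, threshold):
        """Sources whose failed confirmations should not be lost in the noise."""
        return sorted(s for s, n in self.failures.items() if n >= threshold)


def worst_case_guesses(random_bits, time_candidates=1):
    """Guesses needed when only the random bits and the timestamp are unknown."""
    return (2 ** random_bits) * time_candidates
```

`worst_case_guesses(45)` is 2**45, the roughly 35 trillion attempts mentioned in the summary; the `time_candidates` factor only matters when the random bits themselves are few.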
