Having this (simplified) C# class:
public static class RandomValue
{
private static readonly Random s_random = new Random();
public static int GetRandomValue()
{
lock (s_random)
{
return s_random.Next();
}
}
}
Is it possible to predict the next value of GetRandomValue() by looking at the values generated by this method?
Assumptions (for the sake of the question):
- The attacker does not know the seed (of course).
- The attacker can observe an unlimited number of subsequent results of
GetRandomValue().
I'm asking because I've seen some code using a similar approach to generate some kind of access tokens. This code was not written by me and I would probably have used one of .NET's crypto random classes. I'm just curious whether this is still sufficiently secure.
Aucun commentaire:
Enregistrer un commentaire