Tuesday 17 October 2017

Is it easy to guess random seed from generated numbers?

I need to implement deterministic randomization of some private data. I.e. we have some original UUID, then we use its md5 hash to seed a RNG and generate a new UUID like this:

import hashlib, uuid, random

original_uuid = "123e4567-e89b-12d3-a456-426614174000"  # example input value

# seed RNG with the 128-bit MD5 digest of the original value
hex_seed = hashlib.md5(original_uuid.encode()).hexdigest()
seed = int(hex_seed, 16)
random.seed(seed)
# generate new UUID from 128 bits of Mersenne Twister output
val = random.getrandbits(128)
new_uuid = str(uuid.UUID(int=val))

The original values may be not only UUIDs but also usernames or other data, and the same goes for the resulting values; hence the md5 hashing. But the most important case is the UUID.

Now the question is: how hard is it for an attacker to calculate original UUID value given resulting UUID?

MD5 could be reversed using rainbow tables. But is it hard to reverse Python's built-in RNG to determine its seed value from 128 generated bytes? I tried to find it out myself but got stuck a bit. So far I could find out that getrandbits(128) results in 4 calls to genrand_int32, and that our seed() call results in init_by_array being called with an array of 4 32-bit integers.

References: 1. Python's RNG source code (in C): http://ift.tt/2hLJ8fx
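As an added example (not code from the post or from Python's own sources), here is the post's unkeyed scheme next to a keyed alternative, plus a defender's check showing why the unkeyed mapping is recoverable from a list of guessable inputs. The sample UUID, the key and the candidate list are constructed values; the key is assumed to be a secret stored apart from the data.

```python
import hashlib
import hmac
import random
import uuid
from typing import Callable, Iterable, Optional

def weak_pseudonymize(original: str) -> str:
    """The scheme from the post: MD5(input) seeds Mersenne Twister, which then
    yields a 128-bit value. Nothing secret goes in, so anyone who can guess the
    input reproduces the output exactly (MT is also not a cryptographic PRNG)."""
    seed = int(hashlib.md5(original.encode()).hexdigest(), 16)
    rng = random.Random(seed)  # same seeding algorithm as random.seed(), private instance
    return str(uuid.UUID(int=rng.getrandbits(128)))

def keyed_pseudonymize(original: str, key: bytes) -> str:
    """Hardened alternative (assumption: a secret key kept apart from the data).
    HMAC-SHA256 is a keyed PRF, so precomputed tables over candidate inputs are
    useless without the key. The first 16 tag bytes are shaped as a UUID to
    match the post's output format."""
    tag = hmac.new(key, original.encode(), hashlib.sha256).digest()
    return str(uuid.UUID(bytes=tag[:16]))

def find_preimage(target: str, candidates: Iterable[str],
                  derive: Callable[[str], str]) -> Optional[str]:
    """Defender's check: does any guessable input (usernames, known UUIDs)
    reproduce a given output under the derivation in use? For the unkeyed
    scheme this succeeds whenever the true input is in the list, which is the
    risk the post asks about."""
    for cand in candidates:
        if hmac.compare_digest(derive(cand), target):
            return cand
    return None

# Constructed sample data, not taken from the post.
SAMPLE_UUID = "123e4567-e89b-12d3-a456-426614174000"
SAMPLE_KEY = b"replace-with-a-32-byte-random-secret"
CANDIDATES = ["alice", "bob", SAMPLE_UUID, "carol"]

if __name__ == "__main__":
    weak = weak_pseudonymize(SAMPLE_UUID)
    strong = keyed_pseudonymize(SAMPLE_UUID, SAMPLE_KEY)
    print("unkeyed:", weak, "-> recovered:",
          find_preimage(weak, CANDIDATES, weak_pseudonymize))
    # Without the real key, a guesser can only try the scheme with a wrong key.
    print("keyed  :", strong, "-> recovered:",
          find_preimage(strong, CANDIDATES, lambda s: keyed_pseudonymize(s, b"wrong-key")))
```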