Attack Of The 50 Foot Clippy
Attack of the 50 billion 50 nanometer Clippies
Not remotely random enough for cryptography. If the clock ticks over every millisecond, and you can figure out down to a minute when the user started the program, that’s only 60,000 possibilities to check, easy for a brute-force method. Get it down to an hour, and it’s still only 3.6 million.
But that just gives you the seed. The random number generator is then applied to the seed. So, right seed, wrong generator = wrong answer. Likewise, wrong seed, right generator = wrong answer. So for each of those 60k possibilities, they still have to check some number of generators (g), so it’s 60k to the g-th power. Or am I missing something?
Why would you ever waste time using the wrong random number generator?
The assumption in serious cybersecurity is that you always know exactly what techniques your opponent is using; what you don’t know is just things like keys and seeds. Inexperienced folks often try to use “security by obscurity”, keeping the method itself secret, but this is a very bad idea, because methods aren’t designed to be secret, and so are likely to leak. And for any given cybersecurity task, there’s one or two good ways to do it, and about 17 billion bad ways to do it, so if you’re not doing it using the standard method that’s published in all the textbooks, you’re probably using a bad method.
If you’re using a standard, known method, and what method you’re using gets out, you don’t care, because you expect that to be public knowledge. If you’re using a standard, known method, and your key somehow gets out, you keep using the same method and change your key. If you’re using a sooper seekrit method and your method gets out, you’re screwed, and even changing your keys won’t help, because your sooper seekrit method probably sucks.
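The seed-space arithmetic from the first comment and the "known method, unknown seed" assumption from the later ones, as an added example that is not part of the original thread. It assumes Python's `random.Random` as the known generator and a constructed timestamp window; the function names are hypothetical.

```python
import random
import secrets

WINDOW_MS = 60_000  # one minute of millisecond clock ticks, as in the thread


def token_from_clock_seed(seed_ms: int, nbytes: int = 16) -> str:
    """Weak pattern: token drawn from a PRNG seeded with a millisecond clock value."""
    rng = random.Random(seed_ms)
    return rng.getrandbits(nbytes * 8).to_bytes(nbytes, "big").hex()


def recover_seed(token: str, window_start_ms: int, window_ms: int = WINDOW_MS):
    """Walk every millisecond in the window with the (publicly known) generator.

    Returns the matching seed, or None if the token was not produced from a
    seed inside the window.
    """
    for candidate in range(window_start_ms, window_start_ms + window_ms):
        if token_from_clock_seed(candidate) == token:
            return candidate
    return None


def token_from_os_csprng(nbytes: int = 16) -> str:
    """Standard replacement: the OS CSPRNG has no clock-derived seed to enumerate."""
    return secrets.token_hex(nbytes)


# Constructed sample values (not from the thread).
WINDOW_START_MS = 1_700_000_000_000
TRUE_SEED_MS = WINDOW_START_MS + 41_337

if __name__ == "__main__":
    weak = token_from_clock_seed(TRUE_SEED_MS)
    found = recover_seed(weak, WINDOW_START_MS)
    print("weak token:", weak)
    print("seed recovered:", found == TRUE_SEED_MS, "after at most", WINDOW_MS, "tries")

    strong = token_from_os_csprng()
    print("CSPRNG token:", strong)
    print("found in same window:", recover_seed(strong, WINDOW_START_MS) is not None)
```

The search cost is the size of the time window (60,000 candidates for a minute, 3.6 million for an hour), because the generator itself is treated as public knowledge.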