TechGenix and SolarWinds have partnered to provide a fully-functional, free 21-day trial version of SolarWinds ipMonitor, the WindowsNetworking.com Readers' Choice Award Winner for monitoring applications, servers, and network devices to all visitors who join Security Forums. Sign up to Security Forums and get your copy today! Existing members can pick up a copy from the Members Area.
| View previous topic :: View next topic |
| Author |
Message |
Ralle
Regular Member
Joined: 21 Sep 2003
Posts: 68
|
 Posted: Mon Mar 08, 2004 5:23 pm Post subject: Graphical overview of algorithm randomness |
 |
|
During class i got an odd idea.
Characters like "a" or "2" or "²" are all represented by a number between 0 and 255.
The colour of an object is described with 3 numbers between 0 and 255.
Thus, you can take 3 characters, get their ascii value and use that for red,green,blue values for a pixel. If you do this to a large text, take 3 characters, create a pixel with that color, take the next 3 and so on, you would end up with a picture.
So i did a script in php that does this, which can be found here (code in end of post)
I also did a script that generates random rgb values, thus creating random pictures, which can be found here
Now, this was pretty funny and all, and was a good way to learn php, but after some time i realized that this could be used to visualize how random output a given algorithm returns. You simply encrypt large amounts of text, copy paste the output into this and see how much the picture resembles this random picture (random one made every time you load it)
I did some tests myself. first i created a random picture, then i encrypted some plaintext with pgp and created a picture from the ciphertext and finally i encrypted the same plaintext with my homemade algorithm and created a picture from the ciphertext.
Results are below:
Random picture:
Plaintext:
PGP algorithm:
My own algorithm:
The code as i promised:
| Code: |
<?php
/*
This script creates images from text
:)
*/
header("Content-type: image/png"); //tells the browser that it is a picture
$text=$_POST['text']; //saves the text from the url in $text
$length= strlen($text); //saves the length of the text in $length
$w=300;
$h=$length/(3*$w);
$i=1;
$im = imagecreatetruecolor($w, $h); //creates an image with $w width and $h height
for($x = 0; $x <=$w; $x++) //all pixels on the x-axis
{
for($y = 0; $y <=$h; $y++) //all pixels on the y-axis
{
$color = imagecolorallocate($im, ord($text[$i]), ord($text[$i+1]), ord($text[$i+2])); //finds the color
imagesetpixel($im, $x, $y, $color); //draws the color in the pixel
$i=$i+3;
}
}
imagepng($im); //write the picture
imagedestroy($im); //delete the image from memory
?>
|
|
|
| Back to top |
|
 |
UziMonkey
SF Reviewer
Joined: 19 Dec 2003
Posts: 554
|
| Posted: Mon Mar 08, 2004 10:45 pm Post subject: |
|
|
This is an interesting concept, but the results are a bit difficult to analyze. Phase space analysis would be a much better method, a very interesting example is here, graphing TCP ISNs. It's a very simple principal, and it's explained briefly at the beginning of the article.
Edit:
Here's something I just whipped up. It uses libpng to dump an image of what I talked about in my previous post. I went for simplicity and kept it to two dimensions, but you still get some pretty intersting patterns.
| Code: |
#include <stdio.h>
#include <stdlib.h>
#include <png.h>
#define WIDTH 256
#define HEIGHT 256
int main (int argc, char** argv) {
png_structp png_ptr;
png_infop png_info;
png_byte** image;
unsigned i;
unsigned x, y;
unsigned char s1, s2;
unsigned intensity;
if (argc > 1)
intensity = atoi (argv[1]);
else
intensity = 1;
png_ptr = png_create_write_struct (PNG_LIBPNG_VER_STRING,
NULL, NULL, NULL);
png_info = png_create_info_struct (png_ptr);
png_init_io (png_ptr, stdout);
png_set_IHDR (png_ptr, png_info, WIDTH, HEIGHT, 16, PNG_COLOR_TYPE_RGB,
PNG_INTERLACE_NONE, PNG_COMPRESSION_TYPE_DEFAULT, PNG_FILTER_TYPE_DEFAULT);
image = malloc (sizeof (png_bytep) * HEIGHT);
for (i = 0; i < HEIGHT; ++i) {
image[i] = malloc (sizeof (png_byte) * WIDTH * 6);
}
// Max out all alpha channels
for (y = 0; y < HEIGHT; ++y) {
for (x = 0; x < WIDTH; ++x) {
image[y][x*6+1] = 255;
image[y][x*6+3] = 255;
image[y][x*6+5] = 255;
}
}
s1 = fgetc (stdin);
while (!feof (stdin)) {
s2 = s1;
s1 = fgetc (stdin);
image[s1][s2*6] = image[s1][s2*6+2] = image[s1][s2*6+4] =
image[s1][s2*6] + intensity > 255 ? 255 : image[s1][s2*6] + intensity;
}
png_write_info (png_ptr, png_info);
png_write_image (png_ptr, image);
png_write_end (png_ptr, png_info);
png_destroy_write_struct (&png_ptr, &png_info);
return 0;
}
|
Here is some of the results:
Plaintext:
Elf binary:
A pdf file:
//[b][/b]dev[b][/b]/urandom:
This was just a quick and dirty program, it needs much better control over the intensity. It could also do with a third dimension, patterns would show up much better that way.
Anyway, what do you think?
_________________
Use Jabber instead
My JID: uzimonkey@jabber.org
"Whether freedom is going to survive at all is in doubt, but we've got to try" - RMS
The Blacksun Research Facility
|
|
| Back to top |
|
|
Ralle
Regular Member
Joined: 21 Sep 2003
Posts: 68
|
| Posted: Tue Mar 09, 2004 10:19 am Post subject: |
|
|
Im not very good at c. Actually i am pretty bad at it 
Can you please try to explain what your program does
Hmm i do not know if this is what you are talking about but i just realized that a 3-dimensional space coordinate also consist of 3 numbers. If the height width and lenght is set as 256 then this would also be 3 numbes between 0 and 255. This way you could have randomness shown as where dots are in space. Could be cool, and might give a image that is easier to analyse.
|
|
| Back to top |
|
|
UziMonkey
SF Reviewer
Joined: 19 Dec 2003
Posts: 554
|
| Posted: Tue Mar 09, 2004 11:18 am Post subject: |
|
|
More complex datasets would be much easier to analyze using 3 dimension. This technique doesn't rely on the numbers themselves, but the spaces between them. I've just finished converting the code from the link I sent you, and now have a //[b][/b]dev[b][/b]/urandom sample in 3 dimensional space.
Actually, my last piece of code sort of misses the point, but it shows the grouping of data in non-random data sets well.. This second piece of code is so messy, I won't post it here until I fix it, but here are some of the results. Note that there's something wrong with my code, and those "rays" shouldn't be there.
Plaintext:
Elf binary:
A pdf file:
//[b][/b]dev[b][/b]/urandom:
If I were to test some weaker PRNGs, you be able to see definite patterns. Weak PRNGs will have a number of predictable groupings or a single tight grouping in the center. //[b][/b]dev[b][/b]/urandom is pretty good though, as it has many sources of entropy. This program takes raw binary data and reads it as long integers, so feel free to post any chunks of data you'd like to see run through this program until I can get the source posted..
Very tired now, going to bed.
_________________
Use Jabber instead
My JID: uzimonkey@jabber.org
"Whether freedom is going to survive at all is in doubt, but we've got to try" - RMS
The Blacksun Research Facility
|
|
| Back to top |
|
|
data
Forum Junky
Joined: 08 May 2004
Posts: 650
Location: India
|
| Posted: Mon May 10, 2004 8:19 am Post subject: |
|
|
hi,
you can also try george marsaglia's die hard test for randomness.
Data.
|
|
| Back to top |
|
|
|
