了解 C++ 中随机数生成器的种子是什么?
我有一个非托管 C++ 控制台应用程序,其中使用 srand() 和 rand()。我不需要这个来解决特定问题,但很好奇:传递给 srand() 的原始种子是否存储在我可以查询的内存中的某个位置?有什么办法可以知道种子是什么吗?
I've got an unmanaged c++ console application in which I'm using srand() and rand(). I don't need this to solve a particular problem, but was curious: is the original seed passed to srand() stored somewhere in memory that I can query? Is there any way to figure out what the seed was?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
不需要存储种子,只需要存储最后返回的随机数。
这是联机帮助页中的示例:
The seed is not required to be stored, only the last random number returned is.
Here's the example from the manpage:
如果你有一个简单的线性同余生成器,你有几个值,这会产生一个方程组:
如果你知道第一个值,你可以按顺序倒退:
你不知道唯一的种子,你只知道它mod m (这通常没问题,因为 (0 < seed < m) 无论如何)如果 v1 - b 为负数,则需要添加 m 直到再次为正数。
您还可以查看中国剩余定理,尽管它并不完全匹配。
If you have a simple linear congruential generator, for which you have several values this yields a system of equations:
If you know the first value, you can go backwards in the sequence:
You don't know the seed uniquely, you only know it mod m (which is usually fine since (0 < seed < m) anyways) If v1 - b is negative you need to add m's until its positive again.
You might also look at the Chinese Remainder Theorem, though its not an exact match.
我不知道您的汇编熟练程度是什么,或者您是否有权访问非托管应用程序的源代码/调试符号,但除了这种欺骗之外,没有可行的方法来确定原始种子值。随机数生成器的全部目的是想出一种方法来为您提供不可预测的数字 - 任何两个给定的 rand() 调用之间的关系不应该是可推导的。在密码学上强大的伪随机数生成器中,能够根据生成的随机数猜测种子将被视为严重缺陷。
最简单的方法是在调试器下启动应用程序并在调用 srand() 的位置设置断点 - 然后只需查看传递的参数。
接下来是反汇编应用程序并找出 srand 调用的情况。它完全有可能是用当前时间播种的 - 然后你可以尝试一堆猜测(你可能可以将其范围缩小到几千左右),看看是否有任何给出与应用程序正在使用的相同的随机数序列。 (当然,这假设您有某种方式知道生成的随机值是什么)。种子也有可能一直是像“0”这样的愚蠢的东西。
I don't know what your level of assembly proficiency is, or whether you have access to the source code / debugging symbols for the unmanaged app, but outside of that sort of trickery, there is no feasible way to determine the original seed value. The entire point of random number generators is to come up with a way to give you unpredictable numbers - the relationship between any two given calls to rand() should not be deducible. In cryptographically strong pseudo random number generators, it would be considered a serious flaw to be able to guess the seed based on a generated random number.
The easiest way to do it, would be to start the application under a debugger and set a breakpoint where
srand()is called - then just look at the passed parameter.Next would be to disassemble the app and find out the circumstances of the srand call. It's entirely possible that it's being seeded with the current time - then you can try a bunch of guesses (you can probably narrow it down to a few thousand or so) and see if any give the same sequence of random numbers that the app is using. (Of course this assumes you have some way of knowing what the random values being generated are). It's also possible that the seed is something dumb like '0' all the time.
从理论上讲,不是 - 种子值用于计算下一个随机值,并且该值(理论上)用于为下一个随机数提供种子,依此类推。
从安全角度来看,能够窥视种子(无论是原始种子还是新种子)是一个严重的安全问题,因此我希望您不应该能够查看它,即使它必须存储在某个地方。
Theoretically, not - the seed value is used to compute the next random value and that value is (theoretically) used to seed the next random number and so on.
Security wise, being able to peek into the seed (whether the original one or a new one) is a serious security problem so I expect that you shouldn't be able to look into it even though it must be stored somewhere.