Follow lauxmyth on Twitter

Saturday, December 17, 2011

Diving Deep Into Pi

There are many creative ways to generate key, safe and alarm codes.  Some are trivial and generate repetitive or patterned codes.  I am going to cover a few of these to avoid followed by a few to get you stronger codes.

Birthdays & Other Dates
During setting safe codes, you learn from the client the code you just set the safe to was derivative of some birth date or other anniversary. In one case, the safe code was always pulled from one date or other.  The problem is this generates a very small set of safe codes.  A past employee who knows the last code was derivative of a date, can guess the new code is too. (If you tell me, then you probably tell some of the staff too.) Another problem is this code is drawn from a small set since it will over choose numbers under 12, under 30 and even the year is not truly random.

Phone Numbers
See everything I said above. I should add that if you were to derive a code from two different phone numbers of people who most of the staff do not know AND never tell anybody you were pulling the code from phone numbers, you could do this sometimes.  If you repeat it often, you will fall into patterns regardless.  A fact of life, we run out of friends at times.

Address Numbers
See everything I said above.

Time for some better methods.

Internet Random Number Generators
Many of these give pseudorandom numbers in that they repeat -- eventually. Some give truly random numbers by sampling real world noise.  Either way, to make this work for you, get the web page to print a few hundred at a time. When you need the alarm or safe code, you can pick six digits from the page and you could read down or at some angle too.

This link will give you 1000 numbers between one and 999 999 into ten columns. (It does not pad zeros to the front of shorter numbers so 15346 is 015346.  To a minor degree, you are decreasing the randomness to add the zero at the end.)

https://www.random.org/integers/?num=1000&min=1&max=999999&col=10&base=10&format=html&rnd=new

Let's assume you are the head cashier and you told even one staff this was your method to get safe codes. Or somebody may have snooped at the computer, the printer or the connection. You want the code you finally use to be well hidden.  Part of this is pulling 1000 codes from the server but you could also pull 5000 codes and print all of them too.  Any reload of the page will do no good as it will give a different set of codes.  However, the computer and printer may cache the pages you are using.  Again, print a page or two and then pick one code.

Diving Into Pi
Modern mathematics gives up several decimal numbers which never repeat nor terminate.  One such number is the number Pi from geometry as the ratio of a circle circumference to diameter. It is now calculated to billions of digit but you only need find a web pages with a few million digits and dive down.  Like the random numbers above, you can get a printer to spit out pages and pages of digits.  You print and then pick the six digits you need either by standard reading or backwards or vertically or some other sampling.

Again, if you are a had cashier, save these pages in a secure place.  Provided you did not circle the code you used nobody could find the code from them.  However, a week later you could since you picked the sample the first time.

To get you started, here is a link to get the first million digits of Pi.
http://newton.ex.ac.uk/research/qsystems/collabs/pi/
There are many other similar sites on the web.

There are also similar numbers to use in much the same way.
Square root of 2 or the roots of many other numbers.
Looking on the web, I found this great link page from NASA.  It gives several numbers to many decimal digits.
http://apod.nasa.gov/htmltest/rjn_dig.html

Something Approximating a Summary
One can use simple methods and faithfully do two things to get secured codes.  Mix up your methods and do not tell anybody how you derived a code.

The better system is to use a method which does not matter if they know.  Find a source for thousands of random codes and pick one. Next time around, you generate a few thousand more. I could learn your method and you still not 'guess' the code.

--- --- --- --- ---
The contents of this post are released for non-profit or educational use in whole or in part provided this statement and the attribution below are kept attached. And remember, keep your follower on the plug.

Laux Myth ... Thoughts From a Locksmith
By MartinB, Found @ http://lauxmyth.blogspot.com/ 

No comments:

Post a Comment