0

How can I random seed with a char array instead of an int in C?
I want to use a password, not a number, but srand only takes integers.
Is there a way to do this?

jackcogdill
  • 4,900
  • 3
  • 30
  • 48
  • 1
    One way would be to create a hash of the string and use the resulting integer as a seed. – Edward Apr 13 '14 at 01:06
  • @CPlusPlusOOAandD Read the question again. That's not at all what I'm asking. – jackcogdill Apr 13 '14 at 01:09
  • 3
    @yentup To me it seems Edward answered correctly, that is, using a hash function to obtain an int from your password, and using that int as a seed to srand (litteraly passing that int to srand). – Chnossos Apr 13 '14 at 01:19
  • @Chnossos do you know the best hashing function for that then? – jackcogdill Apr 13 '14 at 01:20
  • @Edward do you know the best hashing function to use? – jackcogdill Apr 13 '14 at 01:21
  • Check out this question : http://stackoverflow.com/questions/7666509/hash-function-for-string, especially the accepted answer http://stackoverflow.com/a/7666577/3460805. – Chnossos Apr 13 '14 at 01:22
  • 1
    `srand((unsigned)strtoul("alphanums", NULL, 36));` – BLUEPIXY Apr 13 '14 at 01:22
  • @BLUEPIXY, this is OK as far as it goes, but will omit some of the characters if the password is too long. – vonbrand Apr 13 '14 at 01:55
  • @vonbrand, Do you think the need for a password so long? – BLUEPIXY Apr 13 '14 at 02:00
  • @BLUEPIXY, just don't make the user think that their "this is my long password, really passphrase, for december" is used completely when it really isn't. – vonbrand Apr 13 '14 at 02:15
  • @vonbrand I do not think it is suspect that so long password is required to determine the seed instead of a password security. Also I do not think size is also free and good. Please enter the five characters in a case alphabet and numbers most. I think that limit is a reasonable. – BLUEPIXY Apr 13 '14 at 11:07

1 Answers1

0

Just use a hash function. A classic is hash_pjw,

unsigned hash_pjw (const void *str)   
{
  const char *s = str;
  unsigned int g, h = 1234567u;
  while (*s != 0) {
    h = (h << 4) + *s++;
    if ((g = h & (unsigned int) 0xf0000000) != 0)
       h = (h ^ (g >> 24)) ^ g;
  }
  return h;
}

Note that rand() is nothing like cryptographically secure.

Gene
  • 46,253
  • 4
  • 58
  • 96
  • Yes, I know. I'm scrambling the coordinates of the pixels in an image for steganography. It's secure because the bytes of data being hidden are split up in binary, so it's impossible to know how to reorder the data without the random seed. Even for a very small amount of data, you could reorder it to be whatever you want. So there would be no way of knowing which way it should be reordered. Does that sound about right? – jackcogdill Apr 13 '14 at 01:35
  • I guess the vulnerability in that would be password length for brute forcing. – jackcogdill Apr 13 '14 at 01:42
  • To protect against brute forcing I can just hash the password 65536 times or something. – jackcogdill Apr 13 '14 at 01:44
  • Ok I guess I should just encrypt the data after all. – jackcogdill Apr 13 '14 at 01:48