1

How do I go about reverse engineering this random generator so that it returns the initial value "123456" from the generated random value?

public class calcus {
  public static void main(String[] args)  {
    int count = 0;
    StringBuilder sb = new StringBuilder();
    Random r = new Random(123456);
    while (count < 7) {
        count++;
        sb.append(r.nextInt(27)).append(",");
    }
    String[] reverseNumber= sb.toString().split(",");
    System.out.println(Arrays.toString(reverseNumber)); // [9, 11, 19, 16, 19, 4, 15]            
  }
}
king amada
  • 139
  • 2
  • 14
  • What is you need? I mean Can you explain more. Do you need to Find out the logic behind Random. – Prathibha Chiranthana May 19 '18 at 05:11
  • I want to know how to implement(code) the reverse method, so that I can get the initial value from the generated random number, since it will always generate same random number if I use the `nextInt(27)` for the random number **123456** – king amada May 19 '18 at 05:55
  • Java, I believe, uses 48bit LCG. It is always a reversible generator, so given output bits you could quickly get the seed: https://stackoverflow.com/questions/2911432/reversible-pseudo-random-sequence-generator – Severin Pappadeux May 19 '18 at 06:01
  • @SeverinPappadeux I saw the question before I asked this question, but I really don't know how to implement it in my code above, if you can help, that would be great. – king amada May 19 '18 at 06:43
  • 123456 is not your initial value, it is the seed you use for the generation of subsequent random numbers. – Sebastiaan van den Broek May 19 '18 at 07:35
  • Yes, it's the seed, I thanks for the correction, so how can I go about it? – king amada May 19 '18 at 07:50

1 Answers1

2

Literally, you don't need to reverse engineer the Random class.

  • The source code is published for all to see. (For example, google for "java.util.Random source" ...)

  • The algorithms that it uses are described in the javadocs in sufficient detail for you to reimplement it. Even the algorithm for setting the seed.

But if you are asking if you can run the random sequence backwards to recover the seed, you would need to carefully examine the code and work out the inverse function for the LCG. But I'm not sure it this will be sufficient, since nextInt(int) and even nextInt() don't return the entire 48 bit state of the generator.

To get around that, you may need to do some "nasty reflection" to extract the state. And if you are going to do that, the source code shows that the Random class records the value of the seed. So you may as well just extract it directly ... in the same way.

(How? Search for a Q&A that explains how to access a private field using reflection.)

Stephen C
  • 698,415
  • 94
  • 811
  • 1,216
  • You cannot recover the seed from a single output. Since this is not a cryptographic RNG, you can recover it from a sufficient volume of output. See [Cracking a linear congruential generator](https://security.stackexchange.com/questions/4268/cracking-a-linear-congruential-generator) for more. – rossum May 19 '18 at 07:49
  • @rossum: The next()* methods of Random class do not use the low 16 bits of the LCG, hence those are never observed. This makes recovery somewhat more challenging than your link suggests. – President James K. Polk May 19 '18 at 13:08
  • Yes, not using the low 16 bits does make it more difficult, but that just needs a longer set of outputs to determine all the parameters of the generator. 16 bits is 65536, so at a maximum that many outputs would determine everything. I suspect a lot less than that, but I cannot be sure without doing the calculation. – rossum May 19 '18 at 16:14