NetHack Patch Database v0.27

318 patches

A cryptographically secure PRNG

NameA cryptographically secure PRNG
RatingNot rated
AuthorMikko Juola
ForNetHack 3.4.3
DescriptionReplaces the PRNG used in NetHack with cryptographically secure algorithms.
 This patch implements AES and SHA256 in rnd.c and uses them to generate random numbers in a simpler Yarrow -like manner. It collects entropy from /dev/random or /dev/urandom if LINUX is defined and high-resolution clock (gettimeofday). If UNIX is not defined, it only uses the latter for entropy (making this PRNG much weaker).

This patch is useful if you have a NetHack server and don't want your players to crack the default PRNG (shown to be easily breakable).

Update: fixed two minor mistakes that throw away the old state of the PRNG
DownloadGet it from us (100.5 Kb)
AddedApril 04, 2009 23:28
ChangedApril 06, 2009 23:04
Submit an update to this patch


 tedavOctober 03, 2013 13:27
For games that also implement the coin-flipping patch, it would make sense to use C's random number function just for the result of the coinflip so that you can't easily observe several nearly consecutive binary results. Might be overkill, but adds security. (UnNetHack does this)[Quote]
 Mikko JuolaOctober 03, 2009 10:29
Eric Herman wrote:

Rather than copy-paste from LibTomCrypt, would it make more sense to link to it?

It can make more sense. However, I figured that because I only need two algorithms for a very specific purpose, it would be better to have less hassle for those who compile nethack with this patch. Modifying the code to use <insert your favorite encryption library here> is easy, if you really want to link to a separate library.

I add something that isn't mentioned in the description. This PRNG is very slow compared to the stock one. The CPU time used is still miniscule but I suggest testing it first, if this could be of concern.[Quote]
 Eric HermanOctober 01, 2009 14:49
Rather than copy-paste from LibTomCrypt, would it make more sense to link to it?[Quote]

Add a comment

Name ()required
Rating (0 is worst, 5 is best) 
You can use up to 1024 characters.
Only supported tag is [url]clickable_link[/url].

You will need to answer the following question correctly: What symbol represents a trap?