Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Meta
Re: Activity & new membergroup limits
by
Quickseller
on 21/03/2015, 19:48:24 UTC
Quote from: theymos on March 21, 2015, 07:27:18 PM
Quote from: Quickseller on March 21, 2015, 07:19:45 PM
If I have many examples when one out of two variables is known and the other is unknown and the output is always the same, then I would think that it would be possible to determine what the unknown variable is. I would think it would be similar to figuring out the private key that was created using a weak RNG.

I would think that someone would essentially use some level of computing power to "guess"/hash what the secret seed is based on the above known variables.

Nope:

Quote from: theymos_away on August 12, 2014, 08:56:33 PM
Quote from: dserrano5 on August 12, 2014, 08:08:32 PM
I must be missing something then.

Let's say I (user id 17768) achieve Legendary status next tuesday, when my activity goes from 798 to 812. That means that:

Code:
799  <= 775 + conv(substr(sha1(concat('17768',secretSeed)), 1, 2), 16, 10) <= 812
24   <=       conv(substr(sha1(concat('17768',secretSeed)), 1, 2), 16, 10) <= 37
0x18 <=            substr(sha1(concat('17768',secretSeed)), 1, 2)          <= 0x25

And by removing the substr(…, 1, 2) part we infer that secretSeed is either:

- some word such as sha1(concat('17768',secretSeed)) results in any hash starting with 18, or
- some word such as sha1(concat('17768',secretSeed)) results in any hash starting with 19, or
- some word such as sha1(concat('17768',secretSeed)) results in any hash starting with 1a, or
...
- some word such as sha1(concat('17768',secretSeed)) results in any hash starting with 25.

And it isn't difficult to find those 14 possible seeds, right?


That's like trying to find the equation of some particular line when you only have one point on the line. You can find an infinite number of possible lines, but there's essentially no chance that you'll find the correct line. And with SHA-1, you won't get any closer to finding the true "line" no matter how many points you have. There are very many possible seeds which would perfectly match the current list of Legendaries, but only one of them will also match all future Legendaries.
Well at least I am not the first person to make this mistake.
Quote from: theymos_away on August 12, 2014, 08:56:33 PM
That's like trying to find the equation of some particular line when you only have one point on the line. You can find an infinite number of possible lines, but there's essentially no chance that you'll find the correct line. And with SHA-1, you won't get any closer to finding the true "line" no matter how many points you have. There are very many possible seeds which would perfectly match the current list of Legendaries, but only one of them will also match all future Legendaries.
It sounds like a very simplified way of explaining it is that my (and dserrano5's) assumption was that the line is on a 2 demential plane, while in reality, the line is on a three demential plane, the two variables only make up the x and y coordinates (or the x/z, or the y/z but which one shouldn't matter), and that you need the third (missing) variable in order to accurately calculate when future legendary accounts will become legendary.

Out of curiosity, how would someone who can read your code be able to accurately predict when someone will become legendary without the secret seed?