A source of entropy?
Last weekend I spent time formatting a little over 100 new floppies. When I was staring at the monitor between changes, I started looking at the volume serial number that was being thrown up for each disk. These *appeared* to be unpredictable from the previous serial number given. If the serial number is represented as xxxx-yyyy then sometimes yyyy would be one less than the previous yyyy but xxxx always seemed to be "random". The disks were all brand new, no errors (from a couple of boxes of 50 and some odd ones), formatted at the Win95 DOS prompt with 'format a: /u' no volume labels and pressing 'y' to format the next disk. Would anyone like to comment on the possible entropy from these serial numbers, even if it's only to say "Don't be daft, DOS derives the numbers like this..." I'll probably be doing a similar number next weekend. If any interest is generated from this post, I could always record the serial numbers given to the next batch to look for correlations. (Please don't reply with 'invest in a bulk-formatter' - I can't afford one right now.) ********************************************************************** David Lucas PGDip Software Engineering @@ BEng(Hons) Civil Engineering Postgraduate Software Engineer, University of Abertay Dundee, SCOTLAND @ E-mail: inssdl@dstn21.dct.ac.uk @ 2+2 = 5 for large values of two @ If you're not living on the edge, then you're taking up too much space Organisations can't have opinions, only people can and these are mine. Dave's Doorstep is back!!!! - http://river.tay.ac.uk/~i95dl/index.html **********************************************************************
-----BEGIN PGP SIGNED MESSAGE----- On Mon, 25 Nov 1996, inssdl wrote:
Last weekend I spent time formatting a little over 100 new floppies. When I was staring at the monitor between changes, I started looking at the volume serial number that was being thrown up for each disk.
These *appeared* to be unpredictable from the previous serial number given.
If the serial number is represented as xxxx-yyyy then sometimes yyyy would be one less than the previous yyyy but xxxx always seemed to be "random".
The serial number is derived from the time of day. This is used by a lot of programs to get a few bits of entropy, so the disk serial number will probably not add much entropy. Here's a post I saved from alt.hackers that explains the exact algorithm: From: jsl2228@acf4.nyu.edu (jsl2228) Newsgroups: alt.hackers Subject: Re: Disk Serial Numbers. Date: 17 May 1995 04:36:00 GMT MICHAEL PAUL DANIEL (mdanie@wilbur.mbark.swin.oz.au) wrote: : Just a quick question.. How does MS-DOS determine the serial number when : you format a disk?? It's not a pesudo-randum number #, it actually has a formula. It's based on the current date & time. unsigned long int NS; (Serial numbers are 32 bits) NS = ( ( ( ((seconds << 8) + hundreth) ) + ((day << 8) + month) ) << 16 ) + ( ((hour << 8) + minutes) + year); Try this: get a disk that is already formatted (but whose data you don't care about:)
FORMAT A:/Q/U/V:""
Format the disk once, note the serial number, then immediately format it again. Note that the second serial number only differs in a few digits from the first. [rest deleted] Mark - -- finger -l for PGP key PGP encrypted mail prefered. 0xf9b22ba5 now revoked -----BEGIN PGP SIGNATURE----- Version: 2.6.3 Charset: noconv iQEVAwUBMpoP1yzIPc7jvyFpAQHRrwf9ErlmAu6WObOvxPIX1ZC1NhpeoLOJXO8T WfLow0dDTKqN7+kfHNbE3sFJpX5hZptglsLqB2I0xFobdOlbDhTIQ34qZ0ZNIKTG CX+ILythFWw4bAGnHanecK80FTpMP9lQRBMSZt+CrKi5YteLkdHHsS2aq+JdbHlI RJkNiVfwkHdfLvIiKDAQqx7IzjW2oM7Q32D2zySb8aDNB2cn7CawlJauq69ultWG O1axD7wf2q3G4NccvgZQx4c0W6loF7NWgiDQVchvI6eCxILDg5LYrj7aH9RfomcO 4sTjdoxXaopZiRt5lhLCXtx9+z4VKtuSuFyTCDM8xLoNPEcbYrFXow== =GXvQ -----END PGP SIGNATURE-----
participants (2)
-
inssdl@dstn21.dct.ac.uk -
Mark M.