You are viewing a single comment's thread from:

RE: Using Quantum Mechanics To Generate Genuinely Random Numbers

in #crypto7 years ago

I wasn't specifically talking about 2FA here, but yes, 2FA codes are pseudorandom. That's by design, so that both you and the service you are authenticating can know the same secret code at the same time.

Oversimplifying a bit, when your device first syncs up with the service you want to use 2FA for, they share a secret key. After that, the 2FA codes you see changing every so often are just a SHA-1 hash of that key and the current time. The codes are entirely predictable, but only if you know the original secret key. It's described in detail in IETF RFC 6238.

Generating that secret key for a PRNG, on the other hand, would be a great use for Bierhorst's RNG.

Sort:  

thanks for the info! Good stuff. I have been wondering how 2fa works.

How far away do you think quantum computers/quantum based machines are from being used in a mid to large scale capacity? I was surprised when I read you post. I was unaware that we had gotten this far already. It's exciting but I wonder what changes this new tech could make to our existing systems. Will seemingly unbreakable codes be attacked by a new threat vector exposed by coding beyond binary or will there be no overlap between binary and non binary coding?