从10位数字生成唯一的15位Pin码 [英] Generating a unique 15 digite Pin code from a 10digit number

问题描述

我想为草稿纸创建密码和序列号，我已经生成了唯一的10位数字，现在我想将10位数字转换为16位数字(最后加校验位).问题是执行此操作的函数应该是可逆的，因此通过查看16位数字，我可以检查它是否有效.(如果它不是由我生成的，则应该无效). 这就是我生成10位唯一随机码的方式:

I want to create pin codes and serial numbers for scratch papers , I have already generated unique 10 digit numbers , now I want to turn that 10 digit number to a 16 digit number (with check digit in the end) . The thing is that the function that does this should be reversible so by seeing the 16 digit number I can check whether it is valid or not .(if it is not generated by me it should not be valid) . this is how I have generated the 10 digit unique random codes :

      Guid PinGuid;
      byte[] Arr;
      UInt32 PINnum = 0;
      while (PINnum.ToString().Length != 10)
        {
          PinGuid = Guid.NewGuid();
          Arr = PinGuid.ToByteArray();
          PINnum = BitConverter.ToUInt32(Arr, 0);
        }

      return PINnum.ToString();

如果您能给我一个提示，我将不胜感激.

I would be grateful if you can give me a hint on how to do it .

推荐答案

首先，我会避免使用GUID，因为某些前缀是为特殊应用程序保留的.这意味着GUID的这些区域在创建时可能不会统一分配，因此您可能无法像计划那样获得10位随机数.

First off, I would avoid GUID since some prefixes are reserved for special applications. Which means that these areas of the GUID may not be allocated uniformly on creation, so you may not get exactly 10 digits of randomness like you plan.

此外，由于循环等待GUID变为正确的大小，因此您可以更高效地完成操作.

Also since your loop waits for the GUID to become the right size you could do it more efficiently.

10 digits = 10**10
Log_2(10) = approx 3322/1000

因此，大约10位数字需要33位.由于您希望数字精确地为10位数字，因此可以用前导零填充小于10 ^ 10的数字，也可以仅生成10 ^ 9到10 ^ 10-1之间的数字.
如果采用后一种情况，则您的空间中需要9 * 10 ^ 9个数字-为您提供所有数字，从1后跟9个零到9再加上9 9s.

So you need approx 33 bits for 10 digit number. Since you want your number to be exactly 10 digits, you can either pad numbers less than 10^10 with leading zeroes, or you can generate only numbers between 10^9 and 10^10 - 1.
If you take the latter case you need 9*10^9 numbers in your space -- giving you all numbers from 1 followed by nine zeroes up to 9 followed by 9 9s.

然后，您要将数字空间转换为更大的空间，将其扩展5倍，并再增加一位数字作为校验位.

Then you would like to convert this space of numbers into a larger space, to expand it by a factor of 5 and include one more digit as a check digit.

任意选择一个校验位功能.您可以简单地将原始的10位数字相加(mod 10)，或者选择更复杂的数字.

Pick a check digit function as anything you like. You could simply sum (mod 10) the original 10 digits, or choose something more complicated.

大概您不希望人们能够生成有效的实例.因此，如果您真的很重视安全性，则应在部署之前修改从网上获得的所有建议.

Presumably you do not want people to be able to generate valid instances. So if you are really serious about your security, you should modify any suggestions you get from the net before deploying them.

我会按照以下方式做点事情:

I would do something along the lines of :

• 通过

• Generate a uniform 10digit number with no leading zeroes by

randomTenDigits = 10 ** 9 + rand(9 * 10 ** 9)

randomTenDigits = 10**9 + rand(9*10**9)

使用加密方案(例如AES 256甚至RSA或El-Gamal，因为它们的速度较慢，因为输入长度很小，因此不再那么重要)，仅使用您自己和其他人使用秘密密钥对此10位数字进行加密信任都知道.也许您可以将10位数字连接10次，然后将结果与您选择的其他秘密进行连接，然后最终对10位数字是一部分的扩展机密进行加密.

Using an encryption scheme (like AES 256 or even RSA or El-Gamal since their slower speed will no be so important since input length is small ) encrypt this 10 digit number using a secret key only you and others you trust are aware of. Perhaps you can concatenate the 10 digit number 10 times, and then concatenate that result with some other secret that you choose, and then finally encrypt this expanded secret of which the 10 digit number is a part.

从结果密文中选择5位数字(大约17位)，并将其附加到10位数字上.

Take some choice 5 digits (around 17 bits) of the resulting ciphertext, and append these to your 10 digit number.

通过任意方法生成1位校验位.

Generate 1 digit of check digit by whatever method you desire.

您会注意到，此方案的真正安全性不是来自校验位，而是来自可用于验证16位数字的密钥.用来进行身份验证的测试是:将给定的10位数字与我拥有的其他机密连接时，使用仅我知道的密钥对提供的给定5位数字进行加密.

As you will note the real security of this scheme is not from a check digit, it is from the secret key you can use to authenticate the 16 digit number. The test you will use to authenticate it is: does the given 10 digit number when concatenated with other secrets I have, encrypt, using a secret key only I know, to the given 5 digit number presented with it.

由于攻击者伪造您的号码之一的难度取决于...的难度

Since the difficulty for an attacker of forging one of your numbers depends on the difficulty of

1. 发现您的秘密密钥和其他信息
2. 发现您使用的加密方法
3. 发现您为5位数机密发出的密文的哪一部分，或者
4. 只需强行强行使用5位数字来查找正确的配对，并且由于5位数字并不是很大的搜索空间，因此我建议改为生成更大的数字. 10或16位数字并不是很大的搜索空间.因此，我将使用大写和小写字母加上数字加上空格和句号来代替数字，以便在您的字母表中提供64个字母.然后，如果使用16位，则将获得约96位的安全性.

1. discovering your secret keys and other info
2. discovering which method of encryption you use
3. discovering which part of the resulting cipher text you emit for the 5 digit secret, or
4. simply brute forcing the 5 digits to discover the correct pairing, and since 5 digits is not a big space to search, I would suggest instead generating larger numbers. 10 or 16 digits is not really a huge space to search. So instead of digits I would use upper and lower case letters plus digits plus space and full stop to give you 64 letters in your alphabet. Then if you used 16 you get around 96 bits of security.

但是，如果数字是不可协商的，并且基本空间的10位数字的大小也是不可协商的，则这样做可能是最安全的.尽管您应该考虑如果有人通过供应商购买了您的硬件，该怎么办，以阻止人们强行使用它.我认为，设计安全性要比设计一种机制来检测试图对您的系统进行暴力查询的人更容易.

However if numbers are non-negotiable and the size of 10 digits for your base space is also non-negotiable, doing it this way is probably the most secure. You may be able to set up your system to deter people from brute forcing it, though you should consider what if someone acquires a piece of your hardware through a vendor. I believe it is easier to design security in rather than design in a mechanism for detecting people trying to brute force query your system.

但是，如果严重的面团即将上线(例如数百万)，那么您所采用的安全措施实际上应该是一流的.等同于用于保护一百万美元银行帐户的个人识别号的安全性.您越安全，就越可以信任和信任地开展业务.

However if serious dough is on the line ( like millions ) the security you employ should really be first class. Equivalent to the kind of security you would employ to protect a pin number to a million dollar bank account. The more secure you are the longer you can carry on your biz with credibility and trust.

因此，根据这些思路，我建议您增加秘密的数量，以使某人无法简单地尝试所有组合并伪造一个有效的组合，尤其是考虑如何设计系统以使其难以破解时，这是不可行的.有很多技能和动力(金钱)的人.你真的不能太小心.

So along these lines I would suggest increasing the size of your secrets to make it infeasible for someone to simply try all combinations and forge a valid one, and in particular thinking about how to design your system to make it difficult to break for people with lots of skills and motivation (money). You really can't be too careful.

这篇关于从10位数字生成唯一的15位Pin码的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！