Eve Defines Probability And Predicts Five Randomly Generated Numbers!
Eve takes to the stage and announces that she will predict five randomly generated numbers. "Now", she says, "I will use Python for this, and show that every time I run this program, I will get completely different random numbers:
import random
import time
# Seed with the current time, which only changes once per second
tt = time.mktime(time.gmtime())
random.seed(tt)
for i in range(5):
    print(random.randint(1, 100))
"So, Bob, please run the program, and show the audience that each time it produces new random numbers, that are different from before", says Eve. Bob runs the program, and shows that each time he gets different numbers, such as:
88 94 33 37 83
and the next time he runs it, he gets:
91 59 52 67 62
Eve calls for silence, and the audience goes into a silent mode, and waits for the great Eve the Magician to work her magic. "Now Bob, you run the program, and don't show me the answers, and I will write my predictions on a piece of paper", she says.
She pauses for what seems like an eternity. A large clock now appears on the stage, and the room is filled with a sound of clock ticks. She watches the audience and the clock, and then turns to Bob, and says ... "Now run the program!".
Bob runs the program, and Eve then writes her predictions.
The lights go down and she announces ... "63" ... "94" ... "33" ... "49" ... drum-roll ... "37". She turns to Bob and asks him to reveal his numbers. The audience can see the numbers as:
63 94 33 49 37
The audience claps and cheers like never before. Eve The Magician has done it again.
"Thank you so much, I'll see you again soon", says Eve.
How did she do it?
So Eve did the trick by making sure that Bob pressed the button on the program at the right time. So our code is:
import random
import time
# The seed is the time of the run, in whole seconds since 1970
tt = time.mktime(time.gmtime())
random.seed(tt)
for i in range(5):
    print(random.randint(1, 100))
Let's say that she knew the time that the code would be run as 9 Dec 2017 at 13:36:20. The number of seconds which have passed since 1970 can then be calculated with the Epoch timestamp [link]:
In preparation, she runs the following code, knowing that she will get Bob to run it at 13:36:20:
import random
import time
tt = time.mktime(time.gmtime())
# Replace the current time with the timestamp for 9 Dec 2017 at 13:36:20
tt = 1512826580
print(tt)
random.seed(tt)
for i in range(5):
    print(random.randint(1, 100))
Every time she runs this program she gets the same set of numbers generated:
C:\Python27>python randnum.py
1512826580
63
94
33
49
37
as she has used the same seed for the random number generation process.
If she is worried about the timing, she might also prepare the numbers for a range of times and make sure she can see the actual time that Bob presses the button. If she is worried about crossing a time tick, she may ask Bob for the first number, and then she'll find the right time stamp.
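The search over a range of time stamps described above can be written as a check a code reviewer runs against time-seeded output. This is an added example, not code from the original post: the function names, the 60-second window and the 17-second offset are assumptions, and `secrets` (the operating system's CSPRNG) is my choice of unseeded generator for the comparison.

```python
import random
import secrets

def draw(seed, n=5):
    """The page's generator: seed the Mersenne Twister, then draw n values in 1..100."""
    rng = random.Random(seed)  # private instance; same algorithm as random.seed()
    return [rng.randint(1, 100) for _ in range(n)]

def recover_seeds(observed, around, window=60):
    """Time stamps within +/- window seconds whose output starts with `observed`."""
    observed = list(observed)
    return [ts for ts in range(around - window, around + window + 1)
            if draw(float(ts), len(observed)) == observed]  # float, as time.mktime returns

def draw_secure(n=5):
    """Same value range from the OS CSPRNG; there is no time-based seed to search for."""
    return [secrets.randbelow(100) + 1 for _ in range(n)]

# Constructed scenario: the program was run 17 s after the time stamp used on the page.
GUESS = 1512826580
ACTUAL = GUESS + 17
victim = draw(float(ACTUAL))

if __name__ == "__main__":
    # The more leading values are known, the fewer time stamps remain consistent.
    for known in (1, 2, 5):
        seeds = recover_seeds(victim[:known], GUESS)
        print("first %d value(s) known: %d candidate seed(s), true seed found: %s"
              % (known, len(seeds), ACTUAL in seeds))
    # Every remaining candidate yields a full predicted sequence.
    for ts in recover_seeds(victim[:2], GUESS):
        print(ts, draw(float(ts)))
    # The same search run against CSPRNG output.
    secure = draw_secure()
    print("secure draw", secure, "candidate seeds:", recover_seeds(secure, GUESS))
```

Python 3 maps the generator's output to integers differently from Python 2.7, so the values need not match those printed on the page.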
I do many code reviews for crypto functions for companies, and one of the first places I look is the random number generation function, as a pseudo-random function can often produce numbers which can be predictable within a reasonable time limit. I find so many examples of poorly generated random numbers which can be guessed if you know the time that the user performed a certain action, or by searching for possible values.
So, for security applications, forget those pseudo-random number generators, and invest in a proper true-random number generator.
If you are interested in random numbers, here is some theory [link].