Posts  / #POST-001375
REDDIT

Feasability of cracking a non-CS PRNG when the output is reduced to a small set of characters.

C
Feb 13, 2025 · 05:38

I'm looking for resources.

Predicting the future (or past) output of a regular PRNG from observations is very common, no issue with that.

But a case I see a lot in practice is people using PRNGs to create temporary codes or passwords by choosing a character at random from a limited set. I know that this should be vulnerable in theory, but I haven't seen it in practice and I can't find any research specifically tackling that case (my searching skills must be in cause). I expect the exact approach to differ based on the specific PRNG used, but I'm sure there are common ideas to these problems.

Does anyone has a paper or blog post lying around that deals with this? Or am I missing something obvious that makes the topic unworthy of getting its own research?

EDIT: seeing as all answers proposed seem to be missing the point it seems my post was very unclear. I invite anyone not to waste their time on this post anymore and if I find a better way to present what I'm talking about I'll create a new one.