0

Recently I've seen that Google AdWords is sharing promotional codes, which gives you $200 for publishing with them.

The question is this: Obviously, the code is a big combination of chars, something like: 9842 - a251 - b51s - 1250, and if you try any other input but what they give it will fail telling you that the code is not valid. It's of course good because you don't want any "robot" to generate your codes for you.

So, what are the best practices for doing something like this? I've been thinking that using a big number of chars and generating them in random sequences could be done, but I think that some "probabilistic" model would fit better.

Do you know how it is properly done?

Thank you all!

Michael J. Barber
santiagobasulto

3 Answers

1

The simplest way is:

  1. set an alphabet

    var alpha = "0123456789abcdefghijklmnopqrstuvwxyz";

  2. set a length of the final code

    var final = 16; var code = "";

  3. generate chars from the alphabet

    var i = final;
    while (i-- > 0) {
        // pick one random index into the alphabet and append that char
        // (Math.random() is not a cryptographic PRNG; see the other answers)
        code += alpha[Math.floor(Math.random() * alpha.length)];
    }
robermorales
1

The safest way to do this is to use a cryptographic PRNG to generate a sufficiently long random code (at least 128 bits, ideally), and store a list of valid IDs in a database. When someone enters a code, check it against the DB and mark it as used.

Nick Johnson
0

Take the hash of an auto-inc number concatenated to a fixed string:

"My long nonsensical string 0000001"

"My long nonsensical string 0000002"

Hashes are good at generating widely different codes from near-identical strings. Throw away duplicates, if you get any.

Klas Lindbäck
  • Awesome! If you used a common hash function like SHA1, I can now take your hash and extend it with arbitrary characters, making as many valid codes as I like. Use an HMAC, not just string concatenation. – Nick Johnson Oct 11 '11 at 23:31
  • Nick: Don't you need to know my fixed string (which is the equivalent of a private key) to create valid codes? But you are right, of course, using asymmetric encryption would take the security to a known level. – Klas Lindbäck Oct 12 '11 at 07:29
  • Nope - chained block hash functions like SHA1 are vulnerable to extension attacks - given the hash for a short string, I can compute the hash for a string for which that is a prefix without having to know what the original string was. HMACs aren't asymmetric crypto - they're just a safe way to use hashes to construct what you're trying to create here. – Nick Johnson Oct 12 '11 at 11:38
  • Then I don't see how you can create valid keys. All strings have equal length, hashes produced by longer strings aren't valid. To do what you say, you need to know the hash for "My long nonsensical string", but you only have the hash for "My long nonsensical string 0000001". – Klas Lindbäck Oct 12 '11 at 12:17
  • That a fixed length string is required is an unstated assumption, since you haven't described how your whole proposed protocol works. In any case, there's no reason to use an ad-hoc construction with known weaknesses when a perfectly good, cryptographically secure alternative already exists. – Nick Johnson Oct 12 '11 at 23:34
  • The security level depends on the hash algorithm. I totally agree that you should choose a good one. I deliberately left out which one to use because I'm not up to speed on them. – Klas Lindbäck Oct 13 '11 at 07:13
  • Yes, and you should also choose a good construction, like an HMAC, not rely on an ad-hoc concatenation like this, which is my point. – Nick Johnson Oct 13 '11 at 09:41
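The keyed construction Nick Johnson argues for in the comments, as an added example that is not part of the original answer or thread: the auto-incrementing serial from this answer is kept, but instead of hashing it concatenated to a secret string, an HMAC-SHA256 over the serial under a secret key is truncated and appended as a tag. Verification recomputes the tag with a constant-time comparison. The key, the 7-digit serial width and the 64-bit tag length are assumptions chosen for illustration; single-use still requires recording redeemed serials server-side, as in the other answer.

```python
import hashlib
import hmac
import secrets

# Hypothetical server-side key; in practice load it from a secrets manager.
SECRET_KEY = secrets.token_bytes(32)
TAG_HEX_CHARS = 16  # 64-bit tag; the full HMAC could be kept for longer codes


def _tag(serial_str, key):
    """HMAC over the serial. Unlike hash(secret || serial), an HMAC is not
    subject to length extension, so a valid code reveals nothing that helps
    forge another one without the key."""
    return hmac.new(key, serial_str.encode(), hashlib.sha256).hexdigest()[:TAG_HEX_CHARS]


def make_code(serial, key=SECRET_KEY):
    """Issue the code for auto-increment value `serial` (e.g. 0000001-<tag>)."""
    serial_str = f"{serial:07d}"
    return f"{serial_str}-{_tag(serial_str, key)}"


def verify_code(code, key=SECRET_KEY):
    """Return the serial if the tag is authentic, else None.
    The caller still has to check a database that this serial was issued
    and not already redeemed."""
    parts = code.strip().lower().split("-", 1)
    if len(parts) != 2 or not parts[0].isdigit():
        return None
    serial_str, tag = parts
    if hmac.compare_digest(_tag(serial_str, key), tag):
        return int(serial_str)
    return None


if __name__ == "__main__":
    code = make_code(1)
    print("issued:", code)
    print("verifies as serial:", verify_code(code))
    print("tampered:", verify_code(code[:-1] + ("0" if code[-1] != "0" else "1")))
```

Because the serial is public, this scheme gives the attacker the structure of every code for free; all of the security rests on the tag, so its length sets the online guessing cost and must be paired with rate limiting on the redemption endpoint.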