user2534566

Reputation: 11

Javascript Cryptographic Functionality - How does it work?

I know how to do this in PHP and recently came across this code. I'm very new to JS. Can someone explain what this code does and how to implement it? Essentially what I need to do is have a provably fair gaming experience for my site I'm creating.

Example in PHP (all I can relate to): I encrypt rand() and provide the encrypted version of the # rolled prior to the bet and add it to the client_seed. The user can change the client_seed. After they get the number i.e. 59.73 they can add the encrypted version of that with the client_seed to see that that was the hash provided BEFORE the bet providing for provably fair.

Except I don't understand how I can implement this code because it'd be much easier to have everything in JS rather than JS and PHP.

Thanks.

<script type="text/javascript">
function lucky_number(server_seed, client_seed, nonce) {
    var hex_chars_to_use = 5;
    var hash = crypto.createHmac('sha512', server_seed).update(client_seed + ':' + nonce.toString()).digest('hex');
    var len = hash.length;

    for (var i = 0; i < len; i += hex_chars_to_use) {
        var hex = hash.substring(i, i + hex_chars_to_use);
        var lucky = parseInt(hex, 16);
        if (lucky < 1000000)
            return lucky;
    }

    // the 26th substring will always be <4096 (3 hex digits), so we won't get here
    util.log(0, 'RAN OUT OF HASH!  using ' + hash + ' - returning', 0);
    return 0;
};
</script>

Upvotes: 2

Views: 828

Answers (2)

MildlySerious

Reputation: 9180

First of all, this snippet does not belong in a <script> per se. It's actually a function that belongs on the serverside with the node.js environment.

Looking at the function, what use would the serverside seed be good for if the client has access to it (if it's in the source, the client has access to it, if he wants.) After all this is about generating an outcome to the user's action. If he has access to it, he could tell if he'll lose or win and adjust the bet accordingly. The site would be bankrupt within a few minutes.

The crypto object is a native module that is included with node.js. See the crypto.createHmac function in the docs.

I hope this clears things up a little.

Upvotes: 1

Maarten Bodewes

Reputation: 94048

First of all, be careful about using code found on the internet. It is often not well tested or correct. For instance, at the end the code returns 0. But there seems to be an odd chance that it returns before that. It depends on the caller what happens then - I can only assume that the nonce is increased and the next values are calculated. But this leaves out the number 0 from the results!

The code is not very efficient either; the chances of being lucky depend on the number (1000000) being tested. Now maybe it is OK for that number, but what happens if you put in for instance the number 2? The code would not run that great, basically throwing away random values like there is no tomorrow.

The reason that the server seed is required is because of the availability of randoms within JavaScript. Normally there is no true random source available when JavaScript is deployed in browsers. If you want to have true randoms they have to come from the server. There is no easy way to replace this seed; the best you can do is generate a random source from user input, but that's tricky as well and may not be random enough.

Another reason to give the user a random seed generated at the server is to make sure that the user does not cheat. At the server you can regenerate the whole random stream if you know the client and server seed (and the start value of the nonce, but that may well be 0). This means that the client cannot influence the random stream in any meaningful way, while the randoms are still dependent on the seed generated on the client - so the server cannot cheat either. Unfortunately both the client and server probably have the power to alter the game itself, so it is questionable if this brings any advantage.

Upvotes: 0
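The commit-then-reveal flow that the question and both answers describe, as an added Node.js example that is not part of the original posts: the server keeps its seed secret and publishes only a hash of it before betting, then reveals the seed so the player can recompute every roll. The SHA-256 commitment, the nonce starting at 0, and the names `luckyNumber`, `newCommitment`, `verifyRolls` and `demo` are assumptions made for this illustration.

```javascript
const crypto = require('crypto');

// Same mapping as the question's lucky_number(): HMAC-SHA512 keyed with the
// server seed, read 5 hex chars at a time, first value below 1,000,000 wins.
function luckyNumber(serverSeed, clientSeed, nonce) {
  const hash = crypto.createHmac('sha512', serverSeed)
    .update(clientSeed + ':' + nonce.toString())
    .digest('hex');
  for (let i = 0; i < hash.length; i += 5) {
    const lucky = parseInt(hash.substring(i, i + 5), 16);
    if (lucky < 1000000) return lucky;
  }
  return 0; // not reached: the 26th chunk is 3 hex digits, always < 4096
}

function sha256Hex(text) {
  return crypto.createHash('sha256').update(text).digest('hex');
}

// Server, before any bet: keep serverSeed secret, publish only the commitment.
function newCommitment() {
  const serverSeed = crypto.randomBytes(32).toString('hex');
  return { serverSeed, commitment: sha256Hex(serverSeed) };
}

// Player, after the server reveals its seed: check the seed against the
// commitment received up front, then recompute every roll (nonce = index).
function verifyRolls(commitment, revealedSeed, clientSeed, rolls) {
  if (sha256Hex(revealedSeed) !== commitment) return false;
  return rolls.every((roll, nonce) =>
    luckyNumber(revealedSeed, clientSeed, nonce) === roll);
}

// Constructed demo run: three bets under one commitment, then the reveal.
function demo() {
  const { serverSeed, commitment } = newCommitment();
  const clientSeed = 'player-chosen-seed'; // constructed sample value
  const rolls = [0, 1, 2].map((n) => luckyNumber(serverSeed, clientSeed, n));
  const honest = verifyRolls(commitment, serverSeed, clientSeed, rolls);
  const forged = rolls.slice();
  forged[1] = (forged[1] + 1) % 1000000; // a reported outcome that was altered
  const swapped = newCommitment().serverSeed; // a seed that was never committed to
  return { honest, rolls,
    forgedDetected: !verifyRolls(commitment, serverSeed, clientSeed, forged),
    swapDetected: !verifyRolls(commitment, swapped, clientSeed, rolls) };
}

console.log(demo());
```

Only `verifyRolls` needs to run on the player's side; `newCommitment` and the live calls to `luckyNumber` stay on the server until the seed is retired and revealed.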
