Randomly failed! the state of randomness in current java implementations

Authors:
Kai Michaelis;Christopher Meyer;Jörg Schwenk
Affiliations:
Horst Görtz Institute for IT-Security, Ruhr-University Bochum, Germany;Horst Görtz Institute for IT-Security, Ruhr-University Bochum, Germany;Horst Görtz Institute for IT-Security, Ruhr-University Bochum, Germany
Venue:
CT-RSA'13 Proceedings of the 13th international conference on Topics in Cryptology
Year:
2013

Citing 7
Cited 0

How to construct random functions

Journal of the ACM (JACM)
Analysis of SHA-1 in Encryption Mode

CT-RSA 2001 Proceedings of the 2001 Conference on Topics in Cryptology: The Cryptographer's Track at RSA
Cryptanalytic Attacks on Pseudorandom Number Generators

FSE '98 Proceedings of the 5th International Workshop on Fast Software Encryption
Analysis of the Linux Random Number Generator

SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Cryptanalysis of the windows random number generator

Proceedings of the 14th ACM conference on Computer and communications security
I forgot your password: randomness attacks against PHP applications

Security'12 Proceedings of the 21st USENIX conference on Security symposium
Mining your Ps and Qs: detection of widespread weak keys in network devices

Security'12 Proceedings of the 21st USENIX conference on Security symposium

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper investigates the Randomness of several Java Runtime Libraries by inspecting the integrated Pseudo Random Number Generators. Significant weaknesses in different libraries including Android, are uncovered.