Cryptanalysis of the Windows random number generator. Proceedings of the 14th ACM Conference on Computer and Communications Security.
Pseudo-randomness inside web browsers. ICICS '08: Proceedings of the 10th International Conference on Information and Communications Security.
PRNG based on new HCI devices entropy sources: Wii remote study case. Proceedings of the 2009 Euro American Conference on Telematics and Information Systems: New Opportunities to Increase Digital Citizenship.
Games for extracting randomness. Proceedings of the 5th Symposium on Usable Privacy and Security.
Cryptanalysis of the random number generator of the Windows operating system. ACM Transactions on Information and System Security (TISSEC).
Hedged public-key encryption: how to protect against bad randomness. ASIACRYPT '09: Proceedings of the 15th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology.
CCCP: secure remote storage for computational RFIDs. SSYM '09: Proceedings of the 18th USENIX Security Symposium.
Accelerometers and randomness: perfect together. Proceedings of the 4th ACM Conference on Wireless Network Security.
Security through amnesia: a software-based solution to the cold boot attack on disk encryption. Proceedings of the 27th Annual Computer Security Applications Conference.
Randomness condensers for efficiently samplable, seed-dependent sources. TCC '12: Proceedings of the 9th International Conference on Theory of Cryptography.
Mining your Ps and Qs: detection of widespread weak keys in network devices. Security '12: Proceedings of the 21st USENIX Security Symposium.
A study of entropy sources in cloud computers: random number generation on cloud hosts. MMM-ACNS '12: Proceedings of the 6th International Conference on Mathematical Methods, Models and Architectures for Computer Network Security.
Randomly failed! The state of randomness in current Java implementations. CT-RSA '13: Proceedings of the 13th International Conference on Topics in Cryptology.
Entropy harvesting from physical sensors. Proceedings of the 6th ACM Conference on Security and Privacy in Wireless and Mobile Networks.
Security analysis of pseudo-random number generators with input: /dev/random is not robust. Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security.
Randomness in virtual machines. UCC '13: Proceedings of the 2013 IEEE/ACM 6th International Conference on Utility and Cloud Computing.
Linux is the most popular open source project. The Linux random number generator is part of the kernel of all Linux distributions and is based on generating randomness from the entropy of operating system events. The output of this generator is used by almost every security protocol, including TLS/SSL key generation, the choice of TCP sequence numbers, and file system and email encryption. Although the generator is part of an open source project, its source code (about 2500 lines of code) is poorly documented and has been modified by hundreds of patches. We used dynamic and static reverse engineering to learn how this generator operates. This paper presents a description of the underlying algorithms and exposes several security vulnerabilities. In particular, we show an attack on the forward security of the generator which enables an adversary who exposes the state of the generator to compute previous states and outputs. In addition, we present a few cryptographic flaws in the design of the generator, as well as measurements of the actual entropy it collects, and a critical analysis of the use of the generator in Linux distributions on diskless devices.