[Resource Topic] 2006/086: Analysis of the Linux Random Number Generator

Welcome to the resource topic for 2006/086

Analysis of the Linux Random Number Generator

Authors: Zvi Gutterman, Benny Pinkas, Tzachy Reinman


Linux is the most popular open source project. The
Linux random number generator is part of the kernel of
all Linux distributions and is based on generating randomness from entropy of operating
system events. The output of this generator is used for almost every
security protocol, including TLS/SSL key generation, choosing TCP sequence numbers,
and file system and email encryption. Although the
generator is part of an open source project, its source code (about 2500 lines of code) is poorly documented, and patched with hundreds of code patches.

We used dynamic and static reverse engineering to learn the operation of this generator. This paper presents
a description of the underlying algorithms and exposes several security vulnerabilities. In particular, we show an attack on the forward security of the generator which enables an adversary who exposes the state of the generator
to compute previous states and outputs. In addition we present a few cryptographic
flaws in the design of the generator, as well as measurements of
the actual entropy collected by it, and a critical analysis of the use of the generator in Linux distributions on disk-less devices.

ePrint: https://eprint.iacr.org/2006/086

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .