Thoughts About PRNGs and some Attack Models

For a while now I’ve been thinking about Randomness and uniform data sets , Believe it or not it’s a really fascinating subject but in the same time really complicated .. So In this post I’m going to talk about some models of attacking it.. So lets start !

I suggest that you read this article first if you don’t know what is PRNGs

The Idea behind PRNGs is to provide some random values that is hard to predict but as I mentioned earlier that computers are deterministic machines and so difficult to get new real random data .. In this case we need some Algorithm to give us real random data .. but most of these algorithms have an ‘Internal State’ to seed the generator and every time this internal state should be updated to ensure that the next round will give different data. and in practice this is very easy to do you can use some hash function to do that …

Attacks :

There is a straightforward method for it and that is simply require the attacker to reconstruct the internal state from the output of the function .. personally I think this is a classic attack and you can’t guarantee the output every time .. but maybe the attacker can succeed if there is any flow in the implementation but this is a story for another day for now lets assume that the  system is really good “smiley face”…

Issue number 2: lets assume that the computer is just got booted so this mean that the computer has no enough entropy to take seed from .. so you will end up with predicted values.

Issue number 3 : lets assume that you managed to feed the pool with different event like mouse movement or any type of events .. you will still have small number of entropy and the attacker simply can put many requests to construct the internal state ..

So the best defense against these problem is to have huge number of entropy so you can mix it and feed it to the internal state and you make the attacker guess let say over  2128 .. but this is just a theoretical solution making estimate of the number of entropy is kinda difficult .. but at least you got the idea .. you have to consider a large number of entropy and you have to consider  it in the implementation phase.

Anyway I think you got the idea that achieving true randomness is really hard and if you messed it up your whole system will fall apart.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>