Attacks On Software Random Number Generators
Just as with other components of a cryptosystem, a software random number generator should be designed to resist certain attacks. Exactly which attacks must be defended against depends on the system, but here are a few:
- If an attacker obtains most of the stream of random bits, it should be infeasible for them to compute any additional parts of the stream.
- If an attacker observes the internal state of the random number generator, they should not be able to work backwards and deduce previous random values.
- If an attacker observes the internal state of the random number generator, they will necessarily be able to predict the output until enough additional entropy is obtained. However, if entropy is added incrementally, the attacker may be able to deduce the values of the random bits that were added and obtain the new internal state of the random number generator (a state compromise extension attack).
- If an attacker can control the supposedly random inputs to the generator, they may be able to "flush" all the existing entropy out of the system and put it into a known state.
- When a generator starts up, it will often have little or no entropy (especially if the computer has just been booted and followed a very standard sequence of operations), so an attacker may be able to obtain an initial guess at the state.
Read more about this topic: Random Number Generator Attack
Famous quotes containing the words attacks on, attacks, random and/or number:
“We are seeing an increasing level of attacks on the “selfishness” of women. There are allegations that all kinds of social ills, from runaway children to the neglected elderly, are due to the fact that women have left their “rightful” place in the home. Such arguments are simplistic and wrongheaded but women are especially vulnerable to the accusation that if society has problems, it’s because women aren’t nurturing enough.”
—Grace Baruch (20th century)
“I must ... warn my readers that my attacks are directed against themselves, not against my stage figures.”
—George Bernard Shaw (1856–1950)
“Assemble, first, all casual bits and scraps
That may shake down into a world perhaps;
People this world, by chance created so,
With random persons whom you do not know—”
—Robert Graves (1895–1985)
“In the U.S. for instance, the value of a homemaker’s productive work has been imputed mostly when she was maimed or killed and insurance companies and/or the courts had to calculate the amount to pay her family in damages. Even at that, the rates were mostly pink collar and the big number was attributed to the husband’s pain and suffering.”
—Gloria Steinem (20th century)