![]() RNG subversion Subverted random numbers can be created using a with a known to the attacker but concealed in the software. Hardware RNGs A number of attacks on are possible, including trying to capture radio-frequency emissions from the computer (obtaining hard drive interrupt times from motor noise, for example), or trying to feed controlled signals into a supposedly random source (such as turning off the lights in a lava lamp or feeding a strong, known signal into a sound card). ![]() This can happen when a generator starts up and has little or no entropy (especially if the computer has just been booted and followed a very standard sequence of operations), so an attacker may be able to obtain an initial guess at the state. ![]() State compromise extension attacks when the internal secret state of the RNG is known at some time, use this to predict future output or to recover previous outputs.
0 Comments
Leave a Reply. |