Slashdot Mirror


Loophole in Windows Random Number Generator

Invisible Pink Unicorn writes "A security loophole in the pseudo-random number generator used by Windows was recently detailed in a paper presented by researchers at the University of Haifa. The team found a way to decipher how the number generator works, and thus compute previous and future encryption keys used by the computer, and eavesdrop on private communication. Their conclusion is that Microsoft needs to improve the way it encodes information. They recommend that Microsoft publish the code of their random number generators as well as of other elements of the Windows security system to enable computer security experts outside Microsoft to evaluate their effectiveness. Although they only checked Windows 2000, they assume that XP and Vista use similar random number generators and may also be vulnerable. The full text of the paper is available in PDF format."

27 of 305 comments

  1. 31784 by FooAtWFU · · Score: 4, Funny

    129775, 80123133, 5580012. 6740091, 6558, 42!

    --
    The World Wide Web is dying. Soon, we shall have only the Internet.
    1. Re:31784 by Spokehedz · · Score: 2, Funny

      All I get on mine is '8675309'

      Damn you Johnny Two-Tone!

    2. Re:31784 by jejones · · Score: 2, Funny

      RANDU! Save us, RANDU!

      Oh, wait, that was Landru.

  2. The Vista RNG by Anonymous Coward · · Score: 5, Funny
    Although they only checked Windows 2000, they assume that XP and Vista use similar random number generators and may also be vulnerable.

    Your system must meet the requirements to be able to run the Windows Random Number Generator on Vista. Otherwise, you will need to use Windows Number Generator Basic. The only number WNGB can generate is 4.

    1. Re:The Vista RNG by eln · · Score: 4, Funny

      Yes, but that 4 was generated via a fair dice roll, and is guaranteed to be random. You can't say that about the numbers the Vista RNG spits out. So you see, what the WNGB lacks in quantity it makes up for in quality.

  3. Novell by Anonymous Coward · · Score: 5, Funny

    In other news, Miguel de Icaza said that he believes that the random number generator is a good idea. Linux should have one because Microsoft is going to win anyway, so Linux had better be prepared if it doesn't want to be locked out of the future markets, and presented a beta version of the algorithm. Members of the GNOME foundation are participating in the standardization: ''it's better to provide our own insecure random number generator'' said Owen Taylor.

  4. Re:Huh? by Mantaar · · Score: 5, Funny

    From TFA:

    Date: received 4 Nov 2007

    Old indeed. 8 days. That's a lot, Microsoft might have already fixed it, you see, they fix things fast!

    --
    I'm an infovore...
  5. Re:Huh? by morgan_greywolf · · Score: 2, Funny

    Y4h!! rand() i5 st00p1d!!! my pwn3d SSL add5 up a77 t3h numb3rz in t3h d4t3st4mp!!!

  6. Spearmen by Anonymous Coward · · Score: 2, Funny

    So that's why my tanks and battleships always lose to spearmen.

  7. Re:Hardware RNG by defnoz · · Score: 5, Funny

    Now why would you assume Microsoft would use the hardware RNG when they have their own, much better, proprietary RNG available?
    After all, they spent so much time perfecting it in Excel 2007!
  8. ob XKCD reference by wren337 · · Score: 5, Funny

    http://xkcd.com/221/ // chosen by fair dice roll // guaranteed to be random

  9. Does this mean... by physicsphairy · · Score: 5, Funny

    That it will be possible to predict what values Excel will give us in our spreadsheets?

  10. Re:Where's the white noise generator? by OrangeCowHide · · Score: 5, Funny

    A white noise generator? Bah... What systems need are pop-o-matic bubbles with m * 2^n sided dice to generate m * n bits. It could even put a window up saying, "The entropy pool is depleted. Please press the pop-o-matic bubble to generate more."

    That would be awesome

    --
    Creationists are a lot like zombies. Slow, but powerful and numerous. And they all want to eat our brains. - Evilest Doe
  11. Re:Hardware RNG by somersault · · Score: 5, Funny

    Yeah because every time Windows is updated, it's a really high priority to write a new random number generator? XP is based off of 2000 even if Vista was meant to be a rewrite.

    "Hey guys, I don't think the random number generator is random enough today - it came up with 2 prime numbers in a row! Anyone feel like taking a few days to rewrite it, test it, introduce a few bugs, document it, seal off the documentation to make sure nobody finds it, and go take it up to Steve? I hear he's out of chairs right now so it should be okay".

    --
    which is totally what she said
  12. Is there a list of slots machines that run windows by Joe The Dragon · · Score: 5, Funny

    Is there a list of slots machines that run windows?

  13. Re:Hardware RNG by larry bagina · · Score: 3, Funny

    intel's fpu is a random number generator (unintentionally).

    --
    Do you even lift?

    These aren't the 'roids you're looking for.

  14. Re:Hardware RNG by Goaway · · Score: 5, Funny

    What is this, "proof by sarcasm"?

  15. Re:Hardware RNG by operagost · · Score: 2, Funny

    I recently discovered that Windows is not Y2K compliant! Although I only checked Windows 3.1, I assume that newer versions of Windows, 2000, XP, and Vista, use similar 2-digit dates and may also be vulnerable.

    --
    Gamingmuseum.com: Give your 3D accelerator a rest.
  16. Re:Where's the white noise generator? by ConceptJunkie · · Score: 4, Funny

    Perhaps you could pour hot tea into it instead.

    --
    You are in a maze of twisty little passages, all alike.
  17. Re:Hardware RNG by MrAnnoyanceToYou · · Score: 2, Funny

    This is the Internet. Proof by sarcasm is the most defensible kind.

  18. Re:Hardware RNG by EsbenMoseHansen · · Score: 3, Funny

    Interestingly, the much-reviewed TrueCrypt engine seems to slow to a crawl if you create a bunch of files (and therefore keys) in a hurry - presumably it has an RNG that actually blocks waiting until it has enough new "really random" bits for each new key. This is a cool idea for a crypto library, but not usable for a general-purpose RNG, which suggests that the system libraries should probably provide *two* RNGs. Brilliant idea! Let's call one of them /dev/urandom and the other one /dev/random. ;)

    --
    Religion is regarded by the common people as true, by the wise as false, and by rulers as useful.
  19. Re:Hardware RNG by somersault · · Score: 5, Funny

    I prefer to call it Sarca'm's Razor

    --
    which is totally what she said
  20. Re:Hardware RNG by yukk · · Score: 5, Funny

    What makes you think that MS has "Crypto programmers" ? I'm sure that part of development went something like this.
    Okay, module 14537r Random Number Generator. Teams, who wants to do this? No, it's not boring. Come on. Okay, draw straws. Jones, you win. Yes, sure you can get the intern to write it. You carry on with the Clippy enhancements.

    --
    "The trouble with the rat race is that even if you win, you're still a rat." - Lily Tomlin
  21. Re:Hardware RNG by Keith_Beef · · Score: 2, Funny

    Like a strong Brownian motion producer (say, a cup of hot tea)?

    Beef.

  22. Re:Hardware RNG by Anonymous Coward · · Score: 1, Funny

    It might only be a problem for 2000 users

    Only 2000 users, eh?

    I think there are more Amiga users online than that, so can't be much of a security issue. :P
  23. Re:the number of affected users enbiggens the prob by Celarnor · · Score: 2, Funny

    I don't think those two numbers are that far from each other.

  24. Re:Not so severe by Tom · · Score: 2, Funny

    Ok, in that case I misread. Then it's not much of a danger, few Windows machines stay up for more than a day or so.

    --
    Assorted stuff I do sometimes: Lemuria.org