Slashdot Mirror

← Back to Stories (view on slashdot.org)

Loophole in Windows Random Number Generator

Posted by CmdrTaco on from the heads-i-win-tails-you-lose dept.

Invisible Pink Unicorn writes "A security loophole in the pseudo-random number generator used by Windows was recently detailed in a paper presented by researchers at the University of Haifa. The team found a way to decipher how the number generator works, and thus compute previous and future encryption keys used by the computer, and eavesdrop on private communication. Their conclusion is that Microsoft needs to improve the way it encodes information. They recommend that Microsoft publish the code of their random number generators as well as of other elements of the Windows security system to enable computer security experts outside Microsoft to evaluate their effectiveness. Although they only checked Windows 2000, they assume that XP and Vista use similar random number generators and may also be vulnerable. The full text of the paper is available in PDF format."

4 of 305 comments (clear)

  1. Where's the white noise generator? by tjstork · · Score: 4, Interesting

    I am still at a loss to wonder why a PC does not have a white noise generator built into it yet. Even the best random number algorithms are pseudo random, so blasting Microsoft for their algorithm is a little like blasting the kid for not carrying enough of a bucket when the dam is the thing that broke.

    Put white noise hardware and real random number hardware on PCs, and this whole problem goes away.

    --
    This is my sig.
  2. Hardware RNG by SamMichaels · · Score: 4, Interesting

    You'd think that computers would have built-in hardware based RNGs by now. On-board sound, video, network, etc.......where is the radioactive decay RNG? After all, in 1985 plutonium should be available in every corner drugstore.

  3. USB Hardware RND by CustomDesigned · · Score: 4, Interesting
    Buy one of those $25 toy digital cameras. Keep the lens cap on, or put black tape over the lens. Connect to USB port. Add script to snap a "picture" every few minutes to prng. (Is there a way for userland to feed entropy to kernel based /dev/random?) With no light, digital cameras return thermal noise - which looks like "snow" on an analog TV. I've done this with a toy camera I bought for my daughter. The camera feeds raw pixels to the linux driver, and the post processing done by the Windows software was never implemented in Linux, making it useless as a camera (plus it has 256M ram, but no flash memory). But it works great for this application. I haven't done a mathematical analysis of exactly how much entropy is in the signal. I'll leave that for the stat geeks.

    I got the idea from a project that used a webcam snapping pictures of a Lava Lamp® as a hardware RNG.

  4. Re:The Vista RNG by secPM_MS · · Score: 4, Interesting

    I didn't, but I know the people who did the enhancements, and they are very competent and well known cryptographers.