The e2random Entropy Harvester and PRNG for Linux
نویسنده
چکیده
Many efficient methods of generating “good” random numbers exist in the literature of mathematics and computer science. One particular method of generating usable randomness is with “extractors”: graphs which will transform “bad” randomness (i.e. a smaller ratio of entropy/data, or randomness distributed poorly) to “good” randomness (of a provable level of security) by an additional input of only a small number of truly random bits. The current {,u}random PRNG for Linux is not extensible, which prompted work on a new erandom PRNG using these extractors. The work on erandom led to a number of improvements to the entropy harvesting methods used by the Linux kernel, as {,u}random and the entropy harvester are inseperable. The new entropy harvester eh2, combined with the erandom PRNG make up the new pseudorandom number generation subsystem, called e2random. This new driver offers greater flexibility and extensibility than the original {,u}random.
منابع مشابه
The Linux Pseudorandom Number Generator Revisited
The Linux pseudorandom number generator (PRNG) is a PRNG with entropy inputs which is widely used in many security related applications and protocols. This PRNG is written as an open source code which is subject to regular changes. It was last analyzed in the work of Gutterman et al. in 2006 [GPR06] but since then no new analysis has been made available, while in the meantime several changes ha...
متن کاملSecurity Analysis of Pseudo-Random Number Generators
A pseudo-random number generator (PRNG) is a deterministic algorithm that produces numbers whose distribution is indistinguishable from uniform. A formal security model for PRNGs with input was proposed in 2005 by Barak and Halevi (BH). This model involves an internal state that is refreshed with a (potentially biased) external random source, and a cryptographic function that outputs random num...
متن کاملAnalysis of the Random Number Generator Using MD5 PRNG in Linux Kernel
When random numbers are needed, kernel level threads can use at least one of two random number generators (RNGs), called LRNG and MD5 PRNG. LRNG is a well-known cryptographic RNG accessed via /dev/(u)random and MD5 PRNG provides a function interface get_random_int(). While the /dev/(u)random has been investigated a lot, MD5 PRNG had been regarded as a less important one. In this paper, we demon...
متن کاملProposal of primitive polynomials for Linux kernel PRNG
The polynomials defining the LFSRs of the linux Kernel PRNG are irreducible but not primitive. As a result, the space of numbers generated by these LFSRs does not fill all the space. We propose in this paper more optimal polynomials which increase by a factor of 3 the space of the random numbers generated by these LFSRs. The polynomials used in the current implementation of the PRNG and the poi...
متن کاملAttacking the Linux PRNG On Android: Weaknesses in Seeding of Entropic Pools and Low Boot-Time Entropy
Android is the most prevalent Linux-based mobile Operating System in the market today. Many features of the platform security (such as stack protection, key generation, etc.) are based on values provided by the Linux Pseudorandom Number Generator (LPRNG) and weaknesses in the LPRNG could therefore directly affect platform security. Much literature has been published previously investigating and...
متن کامل