An Investigation of the FreeBSD r278907 RNG Bugfix
نویسندگان
چکیده
Operating systems and applications rely on random number generators (RNGs) for a number of important tasks, most notably cryptographic key generation. The impact of flawed random number generation practices has been studied extensively in the past [2, 5]. In this paper, we examine the implications of an RNG bug in FreeBSD that was fixed by Subversion commit r278907 [3]. In particular, our analysis seeks to discover uses of weak random numbers that either enable an attacker to discover the internal state of the RNG or use such knowledge to predict security-relevant values.
منابع مشابه
Bflinks: Reliable Bugfix Links via Bidirectional References and Tuned Heuristics
Background. Data from software version archives and defect databases can be used for defect insertion circumstance analysis and defect prediction. The first step in such analyses is identifying defect-correcting changes in the version archive (bugfix commits) and enriching them with additional metadata by establishing bugfix links to corresponding entries in the defect database. Candidate bugfi...
متن کاملInvestigation on Turbulent Nanofluid Flow in Helical Tube in Tube Heat Exchangers
In this study, the thermal characteristics of turbulent nanofluid flow in a helical tube in the tube heat exchanger (HTTHE) were assessed numerically through computational fluid dynamics (CFD) simulation. The findings of both the turbulent models: realizable k-epsion (k-ε) and re-normalisation group (RNG) k-epsilon were compared. The temperature distribution contours show that realizable and RN...
متن کاملNUMERICAL AND EXPERIMENTAL INVESTIGATION OF WIND PRESSURE COEFFICIENTS ON SCALLOP DOME
The wind loads considerably influence lightweight spatial structures. An example of spatial structures is scallop domes that contain various configurations and forms and the wind impact on a scallop dome is more complex due to its additional curvature. In our work, the wind pressure coefficient (Cp ) on the scallop dome surface is studied numerically and experimentally. Firstly, the programming...
متن کاملForensic analysis of Windows hosts using UNIX-based tools
Many forensic examiners are introduced to UNIXbased forensic utilities when faced with investigating a UNIX-like operating system for the first time. They will use these utilities for this very specific task, because in many cases these tools are the only ones for the given job. For example, at the time of this writing, given a FreeBSD 5.x file system, the author’s only choice is to use The Cor...
متن کاملThe Numerical Simulation for air distribution of an Underground Main Workshop in Hydropower Station
ABSTRCT: Use CFD method to study of the air distribution of certain practical project. By using three-dimensional RNG k-εturbulent model, the air distribution of an underground main workshop in hydropower station with heat source at non-isothermal condition has been designed by means of numerical simulation. Solve the controlling equations by using the soft ware of computational fluid dynamics ...
متن کامل