International Association for Cryptologic Research

IACR News item: 09 May 2012

Patrick Lacharme, Andrea Röck, Vincent Strubel, Marion Videau
ePrint Report
The Linux pseudorandom number generator (PRNG) is a PRNG with entropy inputs which is widely used in many security-related applications and protocols. This PRNG is written as an open source code which is subject to regular changes. It was last analyzed in the work of Gutterman et al. in 2006 [GPR06] but since then no new analysis has been made available, while in the meantime several changes have been applied to the code, among others, to counter the attacks presented in [GPR06]. Our work describes the Linux PRNG of kernel versions 2.6.30.7 and upwards. We detail the PRNG architecture in the Linux system and provide its first accurate mathematical description and a precise analysis of the building blocks, including entropy estimation and extraction. Subsequently, we give a security analysis including the feasibility of cryptographic attacks and an empirical test of the entropy estimator. Finally, we underline some important changes to the previous versions and their consequences.

Additional news items may be found on the IACR news page.