Recoverable Random Numbers in an Internet of Things Operating System
AbstractOver the past decade, several security issues with Linux Random Number Generator (LRNG) on PCs and Androids have emerged. The main problem involves the process of entropy harvesting, particularly at boot time. An entropy source in the input pool of LRNG is not transferred into the non-blocking output pool if the entropy counter of the input pool is less than 192 bits out of 4098 bits. Because the entropy estimation of LRNG is highly conservative, the process may require more than one minute for starting the transfer. Furthermore, the design principle of the estimation algorithm is not only heuristic but also unclear. Recently, Google released an Internet of Things (IoT) operating system called Brillo based on the Linux kernel. We analyze the behavior of the random number generator in Brillo, which inherits that of LRNG. In the results, we identify two features that enable recovery of random numbers. With these features, we demonstrate that random numbers of 700 bytes at boot time can be recovered with the success probability of 90% by using time complexity for
Scifeed alert for new publicationsNever miss any articles matching your research from any publisher
- Get alerts for new papers matching your research
- Find out the new papers from selected authors
- Updated daily for 49'000+ journals and 6000+ publishers
- Define your Scifeed now
Yoo, T.; Kang, J.-S.; Yeom, Y. Recoverable Random Numbers in an Internet of Things Operating System. Entropy 2017, 19, 113.
Yoo T, Kang J-S, Yeom Y. Recoverable Random Numbers in an Internet of Things Operating System. Entropy. 2017; 19(3):113.Chicago/Turabian Style
Yoo, Taeill; Kang, Ju-Sung; Yeom, Yongjin. 2017. "Recoverable Random Numbers in an Internet of Things Operating System." Entropy 19, no. 3: 113.
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.