I'm wondering how a backdoor in a random-number generator (as rumored the NSA h
Question
I'm wondering how a backdoor in a random-number generator (as rumored the NSA have placed), actually compromises the security of things like VPNs or TLS/SSL.
What I understand is that, if such a backdoor exists, then after observing a certain number of pseudorandom bits, the attacker can then predict the rest of the pseudorandom sequence.
Can someone walk through the steps of how this allows an attacker to actually read encrypted packets? For example, how would an attacker get access to the first N random bits of a pseudo-randomly generated key in the first place? Is the problem that any random key is effectively only N bits long because if an attacker guesses the first N correctly, he can generate the rest of the key using the backdoor? Or is it something more complicated?
Explanation / Answer
There are three ways a RNG can fail:
1. Insufficient randomness in the input
2. Losing randomness as a result of the random transformation
3. Leaking bits through an intentional or unintentional side channel
Each fail weakens things. A backdoor in a random number generator is like actively implementing such a fail, introducing possible ways to lower the security of the random number generator since it becomes less random.
It's not as if a backdoor in a random number generator always directly breaks things like SSL, but they can have the ability to. The real problem is that a well-constructed backdoor is near to undetectable, while allowing an attacker to take security shortcuts that wouldn't be available normally. And that would happen without the person using the RNG for security purposes noticing the backdoor.
Imagine using such a backdoor to seed something... it would look perfectly random to you, but the one who implemented the backdoor might be able to recover the whole state of the RNG by just looking at - let's say - 32 bits. That would mean you're in big-big trouble. Now imagine you feel good, safe and secure because you aren't aware of a backdoor lurking behind the screens... get a creepy feeling? Good!
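The state recovery described in the answer, as an added example that is not part of the original post: a toy generator whose two public constants are secretly related, so that whoever knows the relation can turn one observed 32-bit output into the generator's next internal state. The construction, constants and names are assumptions chosen for illustration, and the parameters are constructed and far too small for real use; the "nonce" stands for any generator output that is visible to an observer.

```python
# Toy trapdoor generator (added illustration; all values are constructed).
P_MOD = 4294967291        # largest prime below 2**32, so every output fits in 32 bits
Q = 5                     # public constant
D = 0x1337C0DE            # designer's secret trapdoor (constructed value)
P = pow(Q, D, P_MOD)      # public constant, secretly related to Q by P = Q^D mod p


class ToyGenerator:
    """Generator as shipped to users: it only ever touches the public P and Q."""

    def __init__(self, seed):
        self.state = seed % P_MOD

    def next_output(self):
        out = pow(Q, self.state, P_MOD)         # value handed to the caller
        self.state = pow(P, self.state, P_MOD)  # internal state update
        return out


def recover_next_state(observed_output, trapdoor):
    """out^D = Q^(s*D) = (Q^D)^s = P^s, which is exactly the generator's next state."""
    return pow(observed_output, trapdoor, P_MOD)


def demo(seed=0xDEADBEEF):
    victim = ToyGenerator(seed)
    public_nonce = victim.next_output()                     # visible to an observer
    secret_key = [victim.next_output() for _ in range(4)]   # never transmitted

    # The trapdoor holder rebuilds the generator from the single observed value.
    clone = ToyGenerator(0)
    clone.state = recover_next_state(public_nonce, D)
    predicted = [clone.next_output() for _ in range(4)]
    return public_nonce, secret_key, predicted


if __name__ == "__main__":
    nonce, key, guess = demo()
    print(f"observed nonce : {nonce:#010x}")
    print(f"victim key     : {[hex(k) for k in key]}")
    print(f"predicted key  : {[hex(g) for g in guess]}")
    print("match:", key == guess)
```

Without `D`, going from an output to the next state means solving a discrete-log-style problem in this group; with `D` it is a single exponentiation, and a user who sees only `P` and `Q` has nothing that distinguishes them from honestly chosen constants.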