Black-Box Assessment of Pseudorandom Algorithms

Presented at Black Hat USA 2013, July 31, 2013, 11:45 a.m. (60 minutes).

Last year at Black Hat, Argyros and Kiayias devastated all things pseudorandom in open-source PHP applications. This year, we're bringing PRNG attacks to the masses.

We'll point out flaws in many of the most common non-cryptographic pseudorandom number generators (PRNGs) and examine how to identify a PRNG based on a black-box analysis of application output. In many cases, most or all of the PRNG's internal state can be recovered, enabling determination of past output and prediction of future output. We'll present algorithms that run many orders of magnitude faster than a brute-force search, including reversing and seeking the PRNG stream in constant time. Finally, of course, we'll demonstrate everything and give away our tool so that you can perform the attacks during your own assessments.


Presenters:

  • Derek Soeder - Cylance, Inc.
    Derek is a security researcher, software developer, and reverse engineer at Cylance. His career in information security began at eEye, where he developed a variety of offensive and defensive technologies, reverse engineered everything he could, and presented at Black Hat USA and other industry conferences. More recently, Derek founded Ridgeway Internet Security, which Cylance acquired in 2012.
  • Christopher Abad / aempirei - Cylance, Inc.   as Christopher Abad
    Mr. Christopher Abad is a computer person from the internet.
  • Gabriel Acevedo - Cylance, Inc.
    Gabriel Acevedo is a Security Researcher at Cylance, Inc. working with an elite group of security experts to protect the real world by solving very large and complex problems simply and elegantly.

Links:

Similar Presentations: