Because "use urandom" isn't everything: a deep dive into CSPRNGs in Operating Systems & Programming Languages: Implementation, hazards and updates on use of RNGs in programming languages and the Linux Kernel (among others)

Presented at Still Hacking Anyway (SHA2017), Aug. 6, 2017, 3:40 p.m. (60 minutes).

Over the past year multiple people have been engaging language maintainers and designers to change their use of CSPRNGs (mainly relying on user-land RNGs like the one from OpenSSL, and sometimes suggesting "adding entropy" by various means from user-land daemons like haveged). In this short presentation we'll survey the struggle of cryptographers, developers and security engineers to change the path various high-profile languages have taken to provide randomness to their userbase. Affected languages include but are not limited to: Ruby, node.js and Erlang. We outline better approaches for language maintainers and implementers as well as coming changes within the Linux kernel crypto subsystem (i.e. /dev/random and /dev/urandom) w.r.t. security and performance. Recently these changes were merged into mainline Linux (4); problems with language implementations, however, remain. We'll also discuss operating system provided randomness testing, and attacks/mitigation in embedded and virtualized environments.
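The abstract contrasts runtimes that draw on user-land RNGs with ones that take randomness from the kernel. As an added example (not code from the talk or from any of the runtimes named), here is one way a language runtime can source bytes from the kernel CSPRNG only: getrandom(2) where available, /dev/urandom on older kernels, and an explicit "pool not yet seeded" result instead of weak bytes, which is the early-boot hazard on embedded and virtualized systems. The function names kernel_random_bytes, read_dev_urandom and self_check are mine.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <string.h>
#include <sys/syscall.h>
#include <unistd.h>

#ifndef GRND_NONBLOCK
#define GRND_NONBLOCK 0x0001 /* getrandom(2) flag value */
#endif

/* Fallback for kernels before 3.17; this path cannot tell whether the pool was ever seeded. */
static int read_dev_urandom(unsigned char *buf, size_t len) {
    int fd = open("/dev/urandom", O_RDONLY | O_CLOEXEC);
    if (fd < 0) return -1;
    for (size_t got = 0; got < len;) {
        ssize_t n = read(fd, buf + got, len - got);
        if (n < 0 && errno == EINTR) continue;
        if (n <= 0) { close(fd); return -1; }
        got += (size_t)n;
    }
    return close(fd);
}

/* Fill buf from the kernel CSPRNG only (no user-land RNG). With wait != 0,
 * getrandom(2) blocks until the pool is initialized; otherwise an unseeded
 * pool yields return 1 instead of weak bytes. Returns 0 on success, -1 on error. */
int kernel_random_bytes(unsigned char *buf, size_t len, int wait) {
#ifdef SYS_getrandom
    long flags = wait ? 0 : GRND_NONBLOCK;
    size_t got = 0;
    while (got < len) {
        long n = syscall(SYS_getrandom, buf + got, len - got, flags);
        if (n >= 0) { got += (size_t)n; continue; }
        if (errno == EINTR) continue;
        if (errno == EAGAIN) return 1;      /* early boot: pool not yet seeded */
        if (errno == ENOSYS) break;         /* old kernel: use /dev/urandom */
        return -1;
    }
    if (got == len) return 0;
#endif
    return read_dev_urandom(buf, len);
}

/* Self-check: two independent 32-byte draws must both succeed and differ. */
int self_check(void) {
    unsigned char a[32], b[32];
    if (kernel_random_bytes(a, 32, 1) || kernel_random_bytes(b, 32, 1)) return 0;
    return memcmp(a, b, 32) != 0;
}
```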

Presenters:

  • Aaron Zauner (azet)
    10+ years of engineering. Has seen the fallacies of distributed computing. Still enjoys working and researching in the industry. Loves tuning, scaling and securing distributed systems - building on and contributing to great Free & Open Source Software. Above all: getting to meet brilliant people, exchange ideas and work on exciting projects all the time! I am self-employed and primarily do engineering work, consulting and research on IT Infrastructure Architecture, Operations & Development, Applied Cryptography, High Performance Computing and Information Security. I've held talks on DevOps, HPC and Security-related topics at various venues - from local meetups to internationally recognized conferences. Publications: https://scholar.google.com/citations?user=pMyYN5wAAAAJ
