DOI: 10.1145/3286062.3286072

Internet As a Source of Randomness

Published: 15 November 2018

Abstract

Pseudorandom generators (PRGs) play an important role in the security of systems and cryptographic mechanisms. Yet there is a long history of vulnerabilities in practical PRGs.
Significant efforts in the theoretical and practical research communities have been invested in improving the security of PRGs, identifying faults in entropy sources, and detecting vulnerabilities that allow attacks against PRGs.
In this work we take an alternative approach to the pseudorandomness generation problem. We design and implement the Network Pseudorandomness Collector (NPC), which collects pseudorandom strings from servers on the Internet. NPC requires neither cooperation nor synchronisation of those servers. NPC is easy to use and to integrate into existing systems. We analyse the security of NPC and show how it addresses the main factors behind the vulnerabilities in current PRGs. Further, we perform extensive simulations on empirically derived datasets that validate the security of NPC against attacks by realistic man-in-the-middle (MitM) attackers.

Supplementary Material

MP4 File (p64-brandt.mp4)



Published in: HotNets '18: Proceedings of the 17th ACM Workshop on Hot Topics in Networks, November 2018, 191 pages. ISBN: 9781450361200. DOI: 10.1145/3286062.

Publisher: Association for Computing Machinery, New York, NY, United States


Qualifiers

  • Research-article
  • Research
  • Refereed limited


Acceptance Rates

Overall Acceptance Rate 110 of 460 submissions, 24%
