research-article
The Challenges of IoT, TLS, and Random Number Generators in the Real World: Bad random numbers are still with us and are proliferating in modern systems.

Published: 18 July 2022

Abstract

Many in the cryptographic community scoff at the mistakes made in implementing RNGs (random number generators), and many cryptographers and members of the IETF resist the call to make TLS more resilient to this class of failures. This article discusses the history, current state, and fragility of the TLS protocol, and it closes with an example of how the protocol could be improved. The goal is not to suggest a solution but to start a dialog on making TLS more resilient, by showing that TLS can be proven secure without assuming perfect random numbers.


Published in: Queue, Volume 20, Issue 3 ("Random Numbers"), May/June 2022, 91 pages. ISSN 1542-7730, EISSN 1542-7749. DOI: 10.1145/3549521.

Copyright © 2022 Owner/Author

Publisher: Association for Computing Machinery, New York, NY, United States

Qualifiers: research-article, Popular, Editor picked