About: Random number generator attack

An Entity of Type: Apparatus102727825, from Named Graph: http://dbpedia.org, within Data Space: dbpedia.org

The security of cryptographic systems depends on some secret data that is known to authorized persons but unknown and unpredictable to others. To achieve this unpredictability, some randomization is typically employed. Modern cryptographic protocols often require frequent generation of random quantities. Cryptographic attacks that subvert or exploit weaknesses in this process are known as random number generator attacks.

Property Value
dbo:abstract
  • The security of cryptographic systems depends on some secret data that is known to authorized persons but unknown and unpredictable to others. To achieve this unpredictability, some randomization is typically employed. Modern cryptographic protocols often require frequent generation of random quantities. Cryptographic attacks that subvert or exploit weaknesses in this process are known as random number generator attacks. A high quality random number generation (RNG) process is almost always required for security, and lack of quality generally provides attack vulnerabilities and so leads to lack of security, even to complete compromise, in cryptographic systems. The RNG process is particularly attractive to attackers because it is typically a single isolated hardware or software component easy to locate. If the attacker can substitute pseudo-random bits generated in a way they can predict, security is totally compromised, yet generally undetectable by any upstream test of the bits. Furthermore, such attacks require only a single access to the system that is being compromised. No data need be sent back in contrast to, say, a computer virus that steals keys and then e-mails them to some drop point. (en)
  • Атака на генератор псевдослучайных чисел — атака, направленная на раскрытие параметров генератора псевдослучайных чисел (ГПСЧ) с целью дальнейшего предсказания псевдослучайных чисел. (ru)
  • Атака на генератор псевдовипадкових чисел — атака, спрямована на розкриття параметрів генератора псевдовипадкових чисел (ГПВЧ) з метою подальшого передбачення псевдовипадкових чисел. (uk)
  • 隨機數生成器攻擊是針對加密系統中,隨機數生成(RNG)的環節進行破壞或弱點利用的攻擊。 一個密碼系統的安全性取決於機密訊息只能由已授權人員可知,其他人不可知且不可預測。為了達到不可預測性,通常會採用一些隨機化的過程。為了系統的安全性,必須要有一個高品質的隨機數生成方式,低品質的生成方式會產生安全漏洞,導致系統發生洩密。由於亂數生成的部分通常只牽涉到單個孤立的硬體或軟體,非常容易尋找,所以對攻擊者而言特別有吸引力。如果攻击者可以用一种他可以预测的伪随机数替换RNG过程,安全性就会受到完全损害,但是上游的测试对此通常是无法侦测到的。此外,對於已被破解的系統,攻擊者只需進行一次訪問,不需要再進行回傳。與之相較,電腦病毒在偷取密鑰後,還需要透過電子郵件等方式將密鑰回傳給攻擊者。 (zh)
dbo:wikiPageExternalLink
dbo:wikiPageID
  • 1250124 (xsd:integer)
dbo:wikiPageLength
  • 21687 (xsd:nonNegativeInteger)
dbo:wikiPageRevisionID
  • 1083211394 (xsd:integer)
dbo:wikiPageWikiLink
dbp:wikiPageUsesTemplate
dcterms:subject
rdf:type
rdfs:comment
  • Атака на генератор псевдослучайных чисел — атака, направленная на раскрытие параметров генератора псевдослучайных чисел (ГПСЧ) с целью дальнейшего предсказания псевдослучайных чисел. (ru)
  • Атака на генератор псевдовипадкових чисел — атака, спрямована на розкриття параметрів генератора псевдовипадкових чисел (ГПВЧ) з метою подальшого передбачення псевдовипадкових чисел. (uk)
  • 隨機數生成器攻擊是針對加密系統中,隨機數生成(RNG)的環節進行破壞或弱點利用的攻擊。 一個密碼系統的安全性取決於機密訊息只能由已授權人員可知,其他人不可知且不可預測。為了達到不可預測性,通常會採用一些隨機化的過程。為了系統的安全性,必須要有一個高品質的隨機數生成方式,低品質的生成方式會產生安全漏洞,導致系統發生洩密。由於亂數生成的部分通常只牽涉到單個孤立的硬體或軟體,非常容易尋找,所以對攻擊者而言特別有吸引力。如果攻击者可以用一种他可以预测的伪随机数替换RNG过程,安全性就会受到完全损害,但是上游的测试对此通常是无法侦测到的。此外,對於已被破解的系統,攻擊者只需進行一次訪問,不需要再進行回傳。與之相較,電腦病毒在偷取密鑰後,還需要透過電子郵件等方式將密鑰回傳給攻擊者。 (zh)
  • The security of cryptographic systems depends on some secret data that is known to authorized persons but unknown and unpredictable to others. To achieve this unpredictability, some randomization is typically employed. Modern cryptographic protocols often require frequent generation of random quantities. Cryptographic attacks that subvert or exploit weaknesses in this process are known as random number generator attacks. (en)
rdfs:label
  • Random number generator attack (en)
  • Атака на ГПСЧ (ru)
  • 随机数生成器攻击 (zh)
  • Атака на ГПВЧ (uk)
owl:sameAs
prov:wasDerivedFrom
foaf:isPrimaryTopicOf
is dbo:wikiPageRedirects of
is dbo:wikiPageWikiLink of
is foaf:primaryTopic of
Powered by OpenLink Virtuoso    This material is Open Knowledge     W3C Semantic Web Technology     This material is Open Knowledge    Valid XHTML + RDFa
This content was extracted from Wikipedia and is licensed under the Creative Commons Attribution-ShareAlike 3.0 Unported License