Roy Osherove

View Original

Linux's Random Number Generator - Not That Great?

Benny Pinkas of the Haifa University in Israel (http://www.pinkas.net/ ), claims that after reverse engineering the Linux Kern's Random Number Generator, he was able to come to some alarming conclusions. Mainly, that the Random Number Generation Engine used in Linux, which is used anywhere from creating secure keys for the net, user passwords etc. is not that secure since it is too predictable.

He recommends that OS Developers take a long hard look at the quality of code for sensitive components, so that this will not happen again.

 

Link to the Hebrew version of the announcement here:

http://www.pc.co.il/_DailyMaily/ItemClean.asp?ArticleID=4735&Vol=134&SearchParam=&CategoryID=72

 

 

Link to the PDF Document of his study (To appear in the 2006 IEEE Symposium on Security and Privacy (Oakland Conference), May 21-24, 2006)

[ PDF in English] : http://www.pinkas.net/PAPERS/gpr06.pdf