P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg titulka
Recoverable RNG
PA193 – Secure coding
•Marek Sýs
•Faculty of Informatics, Masaryk University, Brno, CZ
D:\Documents\Obrázky\services_icon_full_bw5.jpg

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
Old rand, srand
2
•srand(1) + rand
•srand(time(NULL)) + rand
•
•Other options:
•gettimeofday()
•clockgettime()
•
•

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
Linux
•/dev/random
•/dev/urandom
•Write function int getrdata (int number, unsigned char *buffer)
•that will return random data from /dev/random
•
–- read() can be interrupted (when handling signals etc.)
–- take care of ‘short’ read
•
•
3

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
Linux
•Check entropy available
–Use system() func
•What is returned value of system() call?
•
•How to get value?:
–print to file
–use popen()
•
4

P:\CRCS\2012_0178_Redesign_loga_a_JVS\PPT_prezentace\sablona\pracovni\normalni.jpg
Windows CryptoAPI
•CryptAcquireContext()
–PROV_RSA_FULL – default provider
•CryptReleaseContext()
•
•CryptGetRandom()
–part of MS Crypto API
•
5