Paper 2012/251

The Linux Pseudorandom Number Generator Revisited

Patrick Lacharme, Andrea Röck, Vincent Strubel, and Marion Videau

Abstract

The Linux pseudorandom number generator (PRNG) is a PRNG with entropy inputs that is widely used in many security-related applications and protocols. This PRNG is implemented as open source code that is subject to regular changes. It was last analyzed in the work of Gutterman et al. in 2006 [GPR06], but since then no new analysis has been made available, while in the meantime several changes have been applied to the code, among others to counter the attacks presented in [GPR06]. Our work describes the Linux PRNG of kernel versions 2.6.30.7 and upwards. We detail the PRNG architecture in the Linux system and provide its first accurate mathematical description and a precise analysis of the building blocks, including entropy estimation and extraction. Subsequently, we give a security analysis including the feasibility of cryptographic attacks and an empirical test of the entropy estimator. Finally, we underline some important changes to the previous versions and their consequences.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Published elsewhere. No former publication
Keywords
Linux PRNG, random generation, entropy input PRNG
Contact author(s)
marion videau @ loria fr
History
2012-05-24: last of 5 revisions
2012-05-09: received
Short URL
https://ia.cr/2012/251
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2012/251,
      author = {Patrick Lacharme and Andrea Röck and Vincent Strubel and Marion Videau},
      title = {The Linux Pseudorandom Number Generator Revisited},
      howpublished = {Cryptology {ePrint} Archive, Paper 2012/251},
      year = {2012},
      url = {https://eprint.iacr.org/2012/251}
}