Paper 2019/086

Reinterpreting and Improving the Cryptanalysis of the Flash Player PRNG

George Teseleanu

Abstract

Constant blinding is an efficient countermeasure against just-in-time (JIT) spraying attacks. Unfortunately, this mitigation mechanism is not always implemented correctly. One such example is the constant blinding mechanism found in the Adobe Flash Player. Instead of choosing a strong mainstream pseudo-random number generator (PRNG), the Flash Player designers chose to implement a proprietary one. This led to the discovery of a vulnerability that can be exploited to recover the initial seed used by the PRNG and thus to bypass the constant blinding mechanism. Using this vulnerability as a starting point, we show that, no matter the parameters used by the previously mentioned PRNG, it still remains a weak construction. A consequence of this study is an improvement of the seed recovering mechanism from the previously known complexity of $\mathcal O(2^{21})$ to one of $\mathcal O(2^{11})$.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. Minor revision. C2SI-2019
Keywords
jit spraying attacks, flash player prng, constant blinding
Contact author(s)
george teseleanu @ yahoo com
History
2022-03-15: revised
2019-01-28: received
Short URL
https://ia.cr/2019/086
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2019/086,
      author = {George Teseleanu},
      title = {Reinterpreting and Improving the Cryptanalysis of the Flash Player PRNG},
      howpublished = {Cryptology ePrint Archive, Paper 2019/086},
      year = {2019},
      note = {\url{https://eprint.iacr.org/2019/086}},
      url = {https://eprint.iacr.org/2019/086}
}