
Weak Apple PRNG Threatens iOS Exploit Mitigations

Posted by Soulskill
from the also-makes-you-lose-at-poker dept.
Trailrunner7 writes "A revamped early random number generator in iOS 7 is weaker than its vulnerable predecessor and generates predictable outcomes. A researcher today at CanSecWest said an attacker could brute force the Early Random PRNG used by Apple in its mobile operating system to bypass a number of kernel exploit mitigations native to iOS. 'The Early Random PRNG in iOS 7 is surprisingly weak,' said Tarjei Mandt, senior security researcher at Azimuth Security. 'The one in iOS 6 is better because this one is deterministic and trivial to brute force.' The Early Random PRNG is important to securing the mitigations used by the iOS kernel. 'All the mitigations deployed by the iOS kernel essentially depend on the robustness of the Early Random PRNG,' Mandt said. 'It must provide sufficient entropy and non-predictable output.'"
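The two failure modes the summary names, a seed with too little entropy and a generator whose output is deterministic, are easy to see in a toy model. The C below is an added example written for this page; it is not Apple's early_random code, not Mandt's, and nothing in it (the 20-bit seed width, the LCG constants, the names stack_cookie, heap_cookie and slide, the order in which the secrets are drawn) is taken from iOS. It models a boot-time generator that hands out the secrets the kernel's mitigations rely on, then shows an attacker who has leaked a single value recovering all the others, once by exhaustive search over the small seed space and once by inverting the generator algebraically, which works no matter how wide the seed is.

```c
#include <inttypes.h>
#include <stdint.h>
#include <stdio.h>

/* Toy model (added example, not Apple's code). Width of the boot-time seed
 * is an assumption; the point is only that a small seed space can be
 * searched exhaustively. */
#define SEED_BITS 20u
#define SEED_MASK ((1u << SEED_BITS) - 1u)

/* LCG constants (the Numerical Recipes pair, chosen for illustration). */
#define LCG_A 1664525u
#define LCG_C 1013904223u

/* One step of the toy early-boot generator. The new state is also the
 * value handed to callers, so every output reveals the whole state. */
static uint32_t lcg_step(uint32_t state)
{
    return state * LCG_A + LCG_C;          /* arithmetic mod 2^32 */
}

/* Secrets that exploit mitigations draw from the generator, in boot order.
 * Names and consumers are hypothetical; they stand for "every mitigation
 * depends on the early PRNG". */
struct boot_secrets {
    uint32_t stack_cookie;   /* first value handed out  */
    uint32_t heap_cookie;    /* second value handed out */
    uint32_t slide;          /* third value, masked to look like a slide */
};

static struct boot_secrets derive_secrets(uint32_t seed)
{
    struct boot_secrets s;
    uint32_t state = seed & SEED_MASK;     /* low-entropy boot seed */
    state = lcg_step(state); s.stack_cookie = state;
    state = lcg_step(state); s.heap_cookie  = state;
    state = lcg_step(state); s.slide        = state & 0x0fff0000u;
    return s;
}

/* Attack 1: the seed space is small, so walk all of it until the generator
 * reproduces one observed value (say a stack cookie read through an info
 * leak). Every later secret then follows from the recovered seed. */
static int recover_seed_bruteforce(uint32_t leaked_stack_cookie,
                                   uint32_t *seed_out)
{
    for (uint32_t guess = 0; guess <= SEED_MASK; guess++) {
        if (lcg_step(guess) == leaked_stack_cookie) {
            *seed_out = guess;
            return 1;
        }
    }
    return 0;
}

/* Attack 2: the generator is deterministic and invertible, so a wider seed
 * would not help: one output gives the previous state directly.
 * The inverse of the odd multiplier mod 2^32 comes from Newton iteration,
 * which doubles the number of correct low bits each round. */
static uint32_t lcg_invert(uint32_t output)
{
    uint32_t inv = LCG_A;                  /* correct to 3 bits for odd a */
    for (int i = 0; i < 5; i++)
        inv *= 2u - LCG_A * inv;           /* 3 -> 6 -> 12 -> 24 -> 48 bits */
    return (output - LCG_C) * inv;
}

/* Walk back from any leaked value whose position in the output sequence is
 * known (1 = stack cookie, 2 = heap cookie) to the original seed. */
static uint32_t recover_seed_algebraic(uint32_t leaked_value, unsigned position)
{
    uint32_t state = leaked_value;
    for (unsigned i = 0; i < position; i++)
        state = lcg_invert(state);
    return state;
}

int main(void)
{
    uint32_t seed = 0x5A5A5u;              /* constructed boot seed */
    struct boot_secrets s = derive_secrets(seed);
    uint32_t found = 0;

    if (recover_seed_bruteforce(s.stack_cookie, &found))
        printf("brute force: seed %#" PRIx32 ", predicted heap cookie %#" PRIx32
               " (real %#" PRIx32 ")\n",
               found, derive_secrets(found).heap_cookie, s.heap_cookie);
    printf("algebraic: heap cookie alone gives seed %#" PRIx32 "\n",
           recover_seed_algebraic(s.heap_cookie, 2));
    return 0;
}
```

The exhaustive search over 2^20 seeds finishes in milliseconds, which is what "trivial to brute force" means in practice for a generator of this shape. The second attack is the reason a bigger seed alone is not a fix: a generator whose outputs are its state can be rewound from any single leak, so a sound early PRNG needs both a seed with enough entropy to defeat the search and an output function that does not expose its state (a cryptographic DRBG rather than a bare LCG).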
  • by Red_Chaos1 (95148) on Friday March 14, 2014 @12:00PM (#46483587)

    ..on a smart phone like the iPhone. Use the gyros/accelerometers, make the user draw randomly on the screen, maybe use random info like wifi network names currently available, generate random info based on images on the phone, etc. etc. Plenty of data/means available to create the entropy needed.

  • by DigitAl56K (805623) on Friday March 14, 2014 @12:13PM (#46483715)

    Crypto and security guys are an opinionated lot. Getting everyone to agree to some kind of standard is unlikely.

    There are surely a set of criteria to be met in the design for a PRNG to be acceptable, a set of known attacks and weaknesses that the PRNG has to be resilient to, to some established degree, some minimum level of performance required (max ops per generation, average ops or ms per generation of n numbers on a certain CPU feature set), unencumbered by patents or full waiver provided. You put together some candidates, allow some window of time (e.g. a year) for everyone to poke holes in them provided all the known materials that would assist someone to make them fail the acceptance criteria. Whatever makes it through is your suite.

  • by INT_QRK (1043164) on Friday March 14, 2014 @12:36PM (#46484009)
    Which, by the way says at the bottom of page 1...wait for it..."There are no FIPS Approved nondeterministic random number generators."
  • by TechyImmigrant (175943) on Friday March 14, 2014 @12:40PM (#46484045)

    Bad PRNGs have jumped the shark. For a company like Apple to have a supposedly secure PRNG in their products and for them not to have had a group of security Nazis identify all the PRNGs in their products and make sure they're all good and fix them where not, is unconscionable.

    In my company we systematically did exactly that. It's standard practice these days.

  • by LordLimecat (1103839) on Friday March 14, 2014 @01:14PM (#46484437)

    Just because there are nefarious things going on doesn't mean that people have stopped making mistakes, or that the two are somehow mutually exclusive.

    Yes, you should still want proof that this is malicious or subversive.
