Windows

Flaw in Window's random number generator

Security researchers are claiming that the pseudo-random number generator used by Microsoft in Windows is flawed. Only Windows 2000 is evaluated, though the shortcomings of the random number generator are most likely present in Windows XP and Vista.

Security researchers are claiming that the pseudo-random number generator used by Microsoft in Windows is flawed. Only Windows 2000 is evaluated, though the shortcomings of the random number generator are most likely present in Windows XP and Vista.

Excerpt from The Register:

A team of cryptographers led by Dr. Benny Pinkas from the Department of Computer Science at the University of Haifa, Israel, were able to unravel how the CryptGenRandom function Windows 2000 worked, without assistance from Microsoft. This analysis revealed that random number generation in Windows 2000 is far from genuinely random -- or even pseudo-random.

Because of this it was possible for the researchers to predict numbers generated by the software, after first determining the internal state of the generator.

The implications here is that a local attack can be used to determine a single state of the random number generator. It will be possible after that to predict all random values, such as used in SSL keys, and possibly other cryptographic functions.

If you enjoy reading Greek geek-stuffs, you can check out the results of the research titled Cryptanalysis of the Windows Random Number Generator.

About

Paul Mah is a writer and blogger who lives in Singapore, where he has worked for a number of years in various capacities within the IT industry. Paul enjoys tinkering with tech gadgets, smartphones, and networking devices.

3 comments
The Listed 'G MAN'
The Listed 'G MAN'

knowing the internal state of any computer program you should be able to predict the output, no? The issue therefore should be fact you can gain the internal state in the first place.

The Listed 'G MAN'
The Listed 'G MAN'

Would it not have been better to test the other systems before releasing their find? What if these other systems do not have this problem and only Windows 2000?

bikingbill
bikingbill

The full article quotes a publication by Microsoft Press to the effect that the same version of the generator is used in all editions of Windows from 95 onwards. XP is certainly included; the situation regarding Vista is not absolutely clear.

Editor's Picks