Title | ||
---|---|---|
Security Flaws in an Efficient Pseudo-Random Number Generator for Low-Power Environments. |
Abstract | ||
---|---|---|
In 2004, Setthararn and Rhee tackled the design of a lightweight Pseudo-Random Number Generator (PRNG) suitable for low-power environments (e.g. sensor networks, low-cost RFID tags). First, they explicitly fixed a set of requirements for this primitive. Then, they proposed a PRNG conforming to these requirements and using a free-running timer [9]. We analyze this primitive discovering important security faults. The proposed algorithm fails to pass even relatively non-stringent batteries of randomness such as ENT (i.e. a pseudorandom number sequence test program). We prove that their recommended PRNG has a very short period due to the flawed design of its core. The internal state can be easily revealed, compromising its backward and forward security. Additionally, the rekeying algorithm is defectively designed mainly related to the unpractical value proposed for this purpose. |
Year | DOI | Venue |
---|---|---|
2009 | 10.1007/978-3-642-11526-4_3 | Lecture Notes of the Institute for Computer Sciences Social Informatics and Telecommunications Engineering |
Keywords | Field | DocType |
Sensor networks,RFID,PRNG,security,cryptanalysis | Computer security,Computer science,Cryptanalysis,Forward secrecy,Rekeying,Timer,Wireless sensor network,Randomness,Test program,Pseudorandom number generator | Conference |
Volume | ISSN | Citations |
42 | 1867-8211 | 0 |
PageRank | References | Authors |
0.34 | 3 | 5 |
Name | Order | Citations | PageRank |
---|---|---|---|
Pedro Peris-Lopez | 1 | 1076 | 61.84 |
Julio C. Hernandez-Castro | 2 | 298 | 26.88 |
Juan M. Estévez-tapiador | 3 | 91 | 10.43 |
Enrique San Millán | 4 | 29 | 6.57 |
Jan C. A. van der Lubbe | 5 | 185 | 14.16 |