CISPA
Browse

Limiting the impact of unreliable randomness in deployed security protocols

Download (422.15 kB)
conference contribution
posted on 2023-11-29, 18:14 authored by Liliya Akhmetzyanova, Cas CremersCas Cremers, Luke Garratt, Stanislav Smyshlyaev, Nick Sullivan
Many cryptographic mechanisms depend upon the availability of securely generated random numbers. In practice,the sources of random numbers can be unreliable for many reasons, including bugs, compromise or subversion of standards. While there exist ways to significantly reduce the impact of unreliable randomness, these typically do not work well with practical constraints, such as long-term keys stored in hardware security modules. In practice, even modern protocols like TLS 1.3 lack such mechanisms and are therefore highly vulnerable to unreliable randomness.We propose a wrapper construction that reduces the impact of untrusted randomness, and which is is compatible with, and effective in, existing deployments of protocols such as TLS. We provide a security analysis of the construction and elaborate on design choices and practical interpretations. Our findings show that it is possible to effectively harden deployed protocols against unreliable randomness.

History

Preferred Citation

Liliya Akhmetzyanova, Cas Cremers, Luke Garratt, Stanislav Smyshlyaev and Nick Sullivan. Limiting the impact of unreliable randomness in deployed security protocols. In: IEEE Computer Security Foundations Symposium (CSF). 2020.

Primary Research Area

  • Reliable Security Guarantees

Name of Conference

IEEE Computer Security Foundations Symposium (CSF)

Legacy Posted Date

2020-10-08

Open Access Type

  • Unknown

BibTeX

@inproceedings{cispa_all_3244, title = "Limiting the impact of unreliable randomness in deployed security protocols", author = "Akhmetzyanova, Liliya and Cremers, Cas and Garratt, Luke and Smyshlyaev, Stanislav and Sullivan, Nick", booktitle="{IEEE Computer Security Foundations Symposium (CSF)}", year="2020", }

Usage metrics

    Categories

    No categories selected

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC