The security infrastructure underpinning our society relies on encryption, which relies on the correct generation and use of pseudorandom data. Unfortunately, random data is deceptively hard to generate. Implementation problems in PRNGs and the incorrect usage of generated random data in cryptographic algorithms have led to many issues, including the infamous Debian OpenSSL bug, which exposed millions of systems on the internet to potential compromise due to a mistake that limited the source of randomness during key generation to have 2^15 different seeds (i.e. 15 bits of entropy).It is important to automatically identify if a given program applies a certain cryptographic algorithm or uses its random data correctly.This paper tackles the ve...
Random number generation is a critical issue in numerous cryptographic applications: it is used for ...
Information flow analysis is a powerful technique for reasoning about the sensitive information expo...
Abstract. A pseudo-random number generator (PRNG) is a deterministic algorithm that produces numbers...
Pseudo-random number generators (PRNGs) are a critical infrastructure for cryptography and security ...
Abstract: One of the services provided by the operating system to the applications is random number ...
We report on our work-in-progress into the use of reliabil-ity analysis to quantify information leak...
Many computer applications use random numbers as an important computational resource, and they often...
We propose a symbolic execution method for programs that can draw random samples. In contrast to exi...
In recent work we have proposed a software reliability analy-sis technique that uses symbolic execut...
International audienceSeveral measures have been proposed in literature for quantifying the informat...
Linux is the most popular open source project. The Linux random number generator is part of the kern...
Abstract. The channel capacity of a deterministic system with confidential data is an upper bound on...
Random numbers are essential for cryptography. In most real-world systems, these values come from a...
International audienceThe channel capacity of a deterministic system with confidential data is an up...
In this work we demonstrate various weaknesses of the random number generator (RNG) in the OpenSSL c...
Random number generation is a critical issue in numerous cryptographic applications: it is used for ...
Information flow analysis is a powerful technique for reasoning about the sensitive information expo...
Abstract. A pseudo-random number generator (PRNG) is a deterministic algorithm that produces numbers...
Pseudo-random number generators (PRNGs) are a critical infrastructure for cryptography and security ...
Abstract: One of the services provided by the operating system to the applications is random number ...
We report on our work-in-progress into the use of reliabil-ity analysis to quantify information leak...
Many computer applications use random numbers as an important computational resource, and they often...
We propose a symbolic execution method for programs that can draw random samples. In contrast to exi...
In recent work we have proposed a software reliability analy-sis technique that uses symbolic execut...
International audienceSeveral measures have been proposed in literature for quantifying the informat...
Linux is the most popular open source project. The Linux random number generator is part of the kern...
Abstract. The channel capacity of a deterministic system with confidential data is an upper bound on...
Random numbers are essential for cryptography. In most real-world systems, these values come from a...
International audienceThe channel capacity of a deterministic system with confidential data is an up...
In this work we demonstrate various weaknesses of the random number generator (RNG) in the OpenSSL c...
Random number generation is a critical issue in numerous cryptographic applications: it is used for ...
Information flow analysis is a powerful technique for reasoning about the sensitive information expo...
Abstract. A pseudo-random number generator (PRNG) is a deterministic algorithm that produces numbers...