Most modern TCP implementations use pseudo-random number generators(PRNG) to determine starting sequence numbers for TCP sessions. With such generators, it is difficult to compute the ith number generated, given only the(i-1)st number generated. Explain what network security risks are created if an attacker is able to break such a PRNG so that he can in fact easily compute the ith number generated, given only the (i-1)st number generated

Respuesta :

Answer:

The security algorithm can be target by a non-trivial attack on the foward security generator, and a trivial attack on the backward security generator.

Explanation:

Given the internal state of the generator , the previous state can be computed  in O(2²³) work, which is an attack on the foward security of the generator, and O(1) attack on backward security is trivial. The attack on foward-security demonstrates that the design of the generator is flawed, since it is well known how to prevent such attacks.

The way the generator is run by the operating system amplifies the effects of the attacks. The generator is run in user mode rather than in kernel mode, therefore, it is easy to access its state even without administrador privileges.

A buffer overflow attack or similar attack can be used to learn a single state of the generator, which can then be used to predict all random values, such as SSL keys.