Description: Many program written today require the ability to generate pseudo-random values. There are many ways of doing this and most languages and platforms choose unfortunate defaults, allowing attackers to predict the output of these RNGs and launch a variety of practical attacks. I discuss how some of these RNGs work and how they can be exploited. I will also release and discuss a tool for performing RNG prediction. I am open to either talk length (there is no either option in this form).
I recently graduated from Mississippi State University and am currently a security researcher for Dynetics in Huntsville, AL. I primarily work in software reverse-engineering and tool development.
For More Information Please Visit: -
http://www.derbycon.com/
http://www.irongeek.com/i.php?page=videos/derbycon5/mainlist
Tags:
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.