Description: Last year at Black Hat, Argyros and Kiayias devastated all things pseudorandom in open-source PHP applications. This year, we're bringing PRNG attacks to the masses.
We'll point out flaws in many of the most common non-cryptographic pseudorandom number generators (PRNGs) and examine how to identify a PRNG based on a black-box analysis of application output. In many cases, most or all of the PRNG's internal state can be recovered, enabling determination of past output and prediction of future output. We'll present algorithms that run many orders of magnitude faster than a brute-force search, including reversing and seeking the PRNG stream in constant time. Finally, of course, we'll demonstrate everything and give away our tool so that you can perform the attacks during your own assessments.
For More Information please visit : - http://www.blackhat.com/us-13/briefings.html
Tags: securitytube , hacking , hackers , information security , convention , computer security , blackhat-usa-2013 ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.