An Analysis of OpenSSL's Random Number Generator
EUROCRYPT, pp. 644-669, 2016.
In this work we demonstrate various weaknesses of the random number generator RNG in the OpenSSL cryptographic library. We show how OpenSSL's RNG, knowingly in a low entropy state, potentially leaks low entropy secrets in its output, which were never intentionally fed to the RNG by client code, thus posing vulnerabilities even when in the...More
PPT (Upload PPT)