Printed from http://www.electronista.com

Researcher: iOS 7 security at risk from weak random number generator

updated 02:49 pm EDT, Fri March 14, 2014

Predictable and observable random number generator present in iOS 7

All mobile operating systems require what is called an Early Random Pseudorandom Number Generator (PRNG) to give the operating system some security from kernel exploits. Researchers have warned that the new one implemented in iOS 7 is potentially vulnerable to brute force attacks, and can be relatively easy to predict -- making security exploits somewhat easier to develop, if left unpatched.

The random number generator protects memory allocation by stumping buffer overflow attacks, obfuscating where code is running and how to intercept or alter the contents of RAM. These steps are taken to prevent alterations to running software -- as well as the buffer overflow attack, allowing arbitrary code to be executed -- are called mitigations.

PRNGs are vital for cryptography -- cryptographic applications require the output to also be unpredictable. A predictable random number generator used to develop keys for cryptography leads to insecure keys, prone to easier breaking. Any logical device generating a random number uses a mathematical formula and a "seed" value derived from a changing source, typically a time signal, in its generation.

In Apple's case, the seed for the random number in iOS 7 is derived from a source more readily observed and predictable, with fewer changes than the version used in iOS 6, which was also flawed. "All the mitigations deployed by the iOS kernel essentially depend on the robustness of the Early Random PRNG," Azimuth Security senior researcher Tarjei Mandt claimed. "It must provide sufficient entropy and non-predictable output."

While researching the matter, Mandt found that "we found that an unprivileged attacker, even when confined by the most restrictive sandbox, can recover arbitrary outputs from the generator and consequently bypass all the exploit mitigations that rely on the early random PRNG."

"Quite a bit of mitigations rely on the PRNG," Mandt said. "If the generator is broken, all of this is pretty much useless." Apple representatives were able to see Mandt's slides for his speech at security trade show CanSecWest prior to his presentation, but the company had not been informed of the potential weaknesses by Mandt before that, leaving them unable to correct the issue before the presentation.



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Sponsor

Recent Reviews

Logitech Hyperion Fury mouse

Selecting the correct gaming mouse comes down to finding a device that balances the needs of a user with a price they can afford. Ofte ...

Life n Soul BM211 Bluetooth speaker

Bluetooth speakers aren't only for listening to some music at the park or on a long bus ride, but can also be built with tablets in mi ...

Epson PowerLite Home Cinema 2030 projector

With high-definition televisions now the standard, 4K televisions becoming the next big thing, and plasma TVs going the way of the din ...

Sponsor

toggle

Most Commented

 
toggle

Popular News