CPSC 42500 Homework 7: Random Number Generation, Primes, Modular Arithmetic

1. (2 pts) If an adversary knows the process by which a 128-bit key was generated, and this process generates keys with only 73 bits of entropy, with what probability can the adversary potentially guess the key (in a single guess)?

2. (2 pts) What is the name of the pseudorandom number generation algorithm used in the random module of the Python standard library? Is this a cryptographically secure PRNG?

3. (3 pts) The Fortuna RNG described in your textbook has been implemented in the Linux operating system. Use the description of its implementation at https://jlcooke.ca/random/ to answer the following.

1. Which hash function does it use to extract entropy from input events?

1. Which block cipher and mode of operation does it use to generate the pseudorandom output?

4. (3 pts) Say an adversary, who does not know the seed of your PRNG, observes the output of one million bits from your generator. They are then able to predict the next bit that will come out with a 51% probability of being correct. Is this PRNG secure enough? Why or why not?

(2 pts) Consider the Debian Linux RNG bug described in class, which potentially allowed all SSL traffic coming from the system to be decrypted. How long was the time span between the bug’s introduction and when the vulnerability was announced publicly?

DETAILED ASSIGNMENT

attachment_3