Attacking the Linux PRNG on Android

Offered By: Black Hat via YouTube

Tags

Black Hat Courses, Cybersecurity Courses, Exploit Development Courses, Android Security Courses

Course Description

Overview

Explore the vulnerabilities of the Linux Pseudorandom Number Generator (LPRNG) on Android devices in this 57-minute Black Hat conference talk. Delve into a practical attack against the LPRNG's internal state during early boot, given a leaked random value. Examine how this vulnerability affects the majority of Android-based mobile devices and its implications for platform security features like Address Space Layout Randomization (ASLR) and stack protection. Discover two real-world exploitation vectors enabled by this attack, including a live demonstration. Learn about current mitigations and gain insights into designing secure PRNGs for embedded platforms. Analyze the boot timeline, probability of success, and potential attack scenarios while considering the broader implications for Android security.

Syllabus

Introduction
Outline
Story
Stack Canaries
Summary
Boot Timeline
Contributions
Teaser
Whitepaper
Problems
Segmenting
Leaks
Theoretic
Disclaimer
What we found
Zygote
Other
Leak
Early Boot
Probability
Demo
Cat
Boot time leak
Kernel boot time leak
ipv6 segmentation
Scenario
Results
What can we attack
Mitigations
Hard R
Wrapup
Discussion


Taught by

Black Hat

Related Courses

CNIT 127: Exploit Development (CNIT - City College of San Francisco via Independent)
Reverse Engineering and Exploit Development (Udemy)
Penetration Testing: Advanced Kali Linux (LinkedIn Learning)
Linux x86 Assembly and Shellcoding (Udemy)
Python : Sıfırdan İleri Seviyeye - Etik Hacker Örnekleriyle (Udemy)