The Struggle: Dealing with Language Designers and Maintainers on Proper Use of CSPRNGs

Explore a conference talk that delves into the challenges of implementing Cryptographically Secure Pseudo-Random Number Generators (CSPRNGs) in programming languages and the Linux kernel. Learn about the efforts of cryptographers, developers, and security engineers to improve randomness generation in high-profile languages such as Ruby, Node.js, and Erlang. Discover better approaches for language maintainers and implementers, as well as upcoming changes in the Linux kernel crypto subsystem. Gain insights into operating system-provided randomness testing and mitigation strategies for attacks in embedded and virtualized environments. Presented by Aaron Zauner, an experienced engineer with expertise in distributed systems, applied cryptography, and information security.

Hack.lu 2017 The Struggle: dealing with language designers & maintainers on proper use of CSPRNGs