Browse > Article
http://dx.doi.org/10.13089/JKIISC.2021.31.2.145

Security Analysis of Random Number Generator in Fuchsia Operating System and Zircon Kernel  

Kim, Yewon (Dept. of Financial Information Security, Kookmin University)
Yeom, Yongjin (Dept. of Information Security, Cryptology and Mathematics, Kookmin University)
Kang, Ju-Sung (Dept. of Information Security, Cryptology and Mathematics, Kookmin University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.31, no.2, 2021 , pp. 145-156 More about this Journal
Abstract
Fuchsia is an operating system that is being developed publicly by Google to be used in environments ranging from desktops to IoT devices. It is based on a microkernel called Zircon that Google is developing. Since the vulnerability of the random number generator(RNG) used to generate cryptographic keys and security parameters affects the security of the operating system, it is necessary to analyze the security of the RNG used in Fuchsia and Zircon. In this paper, we analyze the structure of the RNG used in Fuchsia and Zircon and the entropy source used by RNG. In addition, we estimate the entropy of the jitter entropy source, which is likely to be the only input of the RNG of Fuchsia and Zircon, and propose a method and a cost of exhaustive search for the jitter entropy source. The results of this paper show the possibility of attacking RNG of the Fuchsia and Zircon operating in various environments and are expected to be used to analyze the security of RNGs of various operating systems that use the jitter entropy source.
Keywords
Fuchsia operating system; Zircon kernel; Jitter entropy source; Random number generator;
Citations & Related Records
연도 인용수 순위
  • Reference
1 Google Open Source, "Expanding Fuchsia's open source model" https://opensource.googleblog.com/2020/12/expanding-fuchsias-open-source-model.html, last accessed 2020/12/28.
2 Fuchsia, "Fuchsia" https://fuchsia.dev/, last accessed 2020/12/28.
3 Heninger, Nadia, et al., "Mining your Ps and Qs: Detection of widespread weak keys in network devices," Proceedings of the 21st USENIX Security Symposium, pp. 205-220, Aug. 2012.
4 Yewon Kim, Wontae Kim, Ju-Sung Kang, and Yongjin Yeom, "A Security Analysis of the Jitter Entropy Source of a Random Number Generator used in Zircon Operating System by Google," Proceedings of the KICS winter conference 2019, pp. 1-2, Jan. 2019.
5 Ju-Sung Kang, Hojoong Park, and Yongjin Yeom, "Probabilistic Analysis for the Relationship Between Min-Entropy and Guessing Attack," Proceedings of the the 11th KIPS International Conference on Ubiquitous Information Technologies and Applications (CUTE 2016), pp. 567-572, Dec. 2016.
6 Sonmez Turan, M., Barker, E., Kelsey, J., McKay, K., Baish, M., and Boyle, M., "Recommendation for the Entropy Sources Used for Random Bit Generation(Second DRAFT)," NIST Special Publication 800-90B, NIST, Jan. 2016.
7 Soo Hyeon Kim, Daewan Han, and Dong Hoon Lee, "Predictability of Android OpenSSL's pseudo random number generator," Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security, pp. 659-668, Nov. 2013.
8 Yilek, Scott, et al., "When private keys are public: Results from the 2008 Debian OpenSSL vulnerability," Proceedings of the 9th ACM SIGCOMM Conference on Internet Measurement, pp. 15-27, Nov. 2009.
9 Turan, M. S., Barker, E., Kelsey, J., McKay, K., Baish, M., and Boyle, M., "Recommendation for the Entropy Sources Used for Random Bit Generation," NIST Special Publication 800-90B, NIST, Jan. 2018.
10 Kaplan, David, et al., "Attacking the Linux PRNG On Android: Weaknesses in Seeding of Entropic Pools and Low Boot-Time Entropy," Proceedings of the 8th USENIX Workshop on Offensive Technologies, pp. 1-14, Aug. 2014.
11 Ding, Yu, et al., "Android low entropy demystified," Proceedings of the 2014 IEEE International Conference on Communications, pp. 659-664, Jun. 2014.
12 Taeill Yoo, Ju-Sung Kang, and Yongjin Yeom, "Recoverable random numbers in an internet of things operating system," Entropy, 19(3), 113, pp. 1-14, Mar. 2017.   DOI
13 Google Git, "fuchsia Git repositories" https://fuchsia.googlesource.com/, last accessed 2020/12/28.
14 Choi, H., et al., "Guideline for the Collection and Application of Noise Source on Operating Systems," TTAS.KO -12.0235/R2, TTA, Dec. 2020.
15 Kim, H., et al., "Guideline for Testing Noise Sources used in Software Cryptographic Modules," TTAK.KO-12.0341/R1, TTA, Dec. 2020.
16 Yewon Kim, Ju-Sung Kang and Yongjin Yeom, "Structure Analysis of Random Number Generator in Google's RTOS," Proceedings of the KICS summer conference 2018, pp. 1-2, Jun. 2018.
17 Stephan Muller, "CPU Time Jitter Based Non-Physical True Random Number Generator," https://www.chronox.de/jent/doc/CPU-Jitter-NPTRNG.html, 2013.