Answered step by step
Verified Expert Solution
Link Copied!

Question

1 Approved Answer

Please provide full answers and don't copy from other chegg answers!! 1 Overview The learning objective of this lab is for students to get familiar

Please provide full answers and don't copy from other chegg answers!!

image text in transcribed

image text in transcribed

image text in transcribed

1 Overview The learning objective of this lab is for students to get familiar with the concepts of random numbers in Linux environment. After finishing the lab, students should be able to gain a first-hand experience on randomization. The virtual machine used in this lab can be found here https://seedsecuritylabs.org/lab_ env.html and the lab URL can be found http://wwW.cis.syr.edu/ wedu/seed/Labs_12. 04/Crypto/Crypto_Encryption/ 2 Lab Tasks 2.1 Task 1: Pseudo Random Number Generation Generating random numbers is a quite common task in security software. In many cases, encryption keys are not provided by users, but are instead generated inside the software. Their randomness is extremely important; otherwise, attackers can predict the encryption key, and thus defeat the purpose of encryption. Many developers know how to generate random numbers (e.g. for Monte Carlo simulation) from their prior experiences, so they use the similar methods to generate the random numbers for security purpose. Unfortunately, a sequence of random numbers may be good for Monte Carlo simulation, but they may be bad for encryption keys. Developers need to know how to generate secure random numbers, or they will make mistakes. Similar mistakes have been made in some well-known products, including Netscape and Kerberos. In this task, students will learn a standard way to generate pseudo random numbers that are good for security purposes. Task 1.A: Measure the Entropy of Kernel To generate good pseudo random numbers, we need to start with something that is random; otherwise, the outcome will be quite predictable. Software (i.e. in the virtual world) is not good at creating randomness, so most systems resort to the physical world to gain the randomness. Linux gains the randomness from the following physical resources: void add_keyboard_randomness (unsigned char scancode); void add_mouse_randomness (__u2 mouse_data); void add_interrupt_randomness (int irq); void add_blkdev_randomness (int major); The first two are quite straitforward to understand: the first one uses inter-keypress timing and scancode, and the second one uses mouse movement and interrupt timing. The third one gathers random numbers using the interrupt timing. Of course, not all interrupts are good sources of randomness. For example, the timer interrupt is not a good choice, because it is predictable. However, disk interrupts are a better measure. The last one measures the finishing time of block device requests. The randomness is measured using entropy, which is different from the meaning of entropy in the information theory. Here, it simply means how many bits of random numbers the system currently has. You can find out how much entropy the kernel has at the current moment using the following command. of cat /proc/sys/kernel/random/entropy_avail Please move and click your mouses, type somethings, and run the program again. Please describe your observation in your report. Task 1.B: Get Pseudo Random Numbers from / dev / random Linux stores the random data collected from the physical resources into a random pool, and then uses two devices to turn the randomness into pseudo random numbers. These two devices have different behaviors. In this subtask, we study the / dev/random device. You can use the following command to get 16 bytes of pseudo random numbers from / dev/random. We pipe the data to hexdump to print them out. \& head c 16/ dev/random hexdump Please run the above command several times, and you will find out that at some point, the program will not print out anything, and instead, it will be waiting. Basically, every time a random number is given out by /dev/random, the entropy of the randomness pool will be decreased. When the entropy reaches zero, / dev/random will block, until it gains enough randomness. Please show us how you can get / dev/random to unblock and to print out random data. Task 1.C: Get Random Numbers from / dev/urandom Li nux provides another way to access the random pool via the /dev/urandom device, except that this device will not block, even if the entropy of the pool runs low. You can use the following command to get 1600 bytes of pseudo random numbers from / dev/urandom. You should run it several times, and report whether it will block or not. \begin{tabular}{l} \hline of head c1600 /dev/urandom / hexdump \\ \hline Both /dev/random and / dev/urandom use the random data from the pool to generate pseudo \end{tabular} random numbers. When the entropy is not sufficient, /dev/random will pause, while /dev/urandom will keep generating new numbers. Think of the data in the pool as the "seed", and as we know, you can use a seed to generate as many pseudo random numbers as you want. Theoretically speaking, the / dev/random device is more secure, but in practice, there is not much difference, because the "seed" is random and nonpredictable. / dev/urandom does re-seed whenever new random data become available. The fact that /dev/random blocks may lead to denial of service attacks. It is recommended that you use /dev/urandom to get random numbers. To do that in your program, you just need to read directly from this file. The following code snippet shows you how. \#define LEN 16//128 bits unsigned char key = (unsigned char ) malloc(sizeof(unsigned char) *LEN); ElLE* random = fopen ("/dev/urandom", "r"); fread (key, sizeof (unsigned char) LEN, 1, random); fclose (random); 3 Submission You need to submit a detailed lab report to describe what you have done and what you have observed; you also need to provide explanation to the observations that are interesting or surprising. In your report, you need to answer all the questions listed in this lab

Step by Step Solution

There are 3 Steps involved in it

Step: 1

blur-text-image

Get Instant Access to Expert-Tailored Solutions

See step-by-step solutions with expert insights and AI powered tools for academic success

Step: 2

blur-text-image_2

Step: 3

blur-text-image_3

Ace Your Homework with AI

Get the answers you need in no time with our AI-driven, step-by-step assistance

Get Started

Recommended Textbook for

Murach's SQL Server 2012 For Developers

Authors: Bryan Syverson, Joel Murach, Mike Murach

1st Edition

1890774693, 9781890774691

Students also viewed these Databases questions