On Thu, Jul 19, 2012 at 4:37 AM, Kevin Chadwick <[email protected]>wrote:
> > For what it's worth, in Android, we do more than suggested by "man 4 > > random". Most Linux systems just save and restore entropy across boots, > and > > don't feed in device specific information into the pool. In Android, we > add > > device specific data to the entropy pool, to (help) prevent device class > > attacks. Two Android systems with different device device IDs should > never > > have their entropy pool in the same state. > > Two android systems with the SAME device ID should never have their > entropy pool in the same state either. Couldn't this specific data be > known/found anyway. Every system should have unique data to use. > > We mix the device serial number into the /dev/random entropy pool. Two of the same device with different serial numbers will have a DIFFERENT entropy state. Android primarily uses the Linux kernel's /dev/random and /dev/urandom interface for generating random data. We use whatever entropy is collected by the kernel to improve the quality of the data in the randomness pool. Data we feed into /dev/random only helps mix this pool further. * * The actual code which is responsible for this is: https://code.google.com/p/android-source-browsing/source/browse/services/java/com/android/server/EntropyMixer.java?repo=platform--frameworks--base Specifically: /** * Add additional information to the kernel entropy pool. The * information isn't necessarily "random", but that's ok. Even * sending non-random information to {@code /dev/urandom} is useful * because, while it doesn't increase the "quality" of the entropy pool, * it mixes more bits into the pool, which gives us a higher degree * of uncertainty in the generated randomness. Like nature, writes to * the random device can only cause the quality of the entropy in the * kernel to stay the same or increase. * * <p>For maximum effect, we try to target information which varies * on a per-device basis, and is not easily observable to an * attacker. */ private void addDeviceSpecificEntropy() { PrintWriter out = null; try { out = new PrintWriter(new FileOutputStream(randomDevice)); out.println("Copyright (C) 2009 The Android Open Source Project"); out.println("All Your Randomness Are Belong To Us"); out.println(START_TIME); out.println(START_NANOTIME); out.println(SystemProperties.get("ro.serialno")); out.println(SystemProperties.get("ro.bootmode")); out.println(SystemProperties.get("ro.baseband")); out.println(SystemProperties.get("ro.carrier")); out.println(SystemProperties.get("ro.bootloader")); out.println(SystemProperties.get("ro.hardware")); out.println(SystemProperties.get("ro.revision")); out.println(new Object().hashCode()); out.println(System.currentTimeMillis()); out.println(System.nanoTime()); } catch (IOException e) { Slog.w(TAG, "Unable to add device specific data to the entropy pool", e); } finally { if (out != null) { out.close(); } } } http://www.openbsd.org/cgi-bin/cvsweb/src/sys/dev/rnd.c?rev=1.140;content-type=text%2Fplain > > -- > ________________________________________________________ > > Why not do something good every day and install BOINC. > ________________________________________________________ > > -- > You received this message because you are subscribed to the Google Groups > "Android Security Discussions" group. > To post to this group, send email to > [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/android-security-discuss?hl=en. > > -- Nick Kralevich | Android Security | [email protected] | 650.214.4037 -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/android-security-discuss?hl=en.
