Black-Box Assessment of Pseudorandom Algorithms presented at BlackHatUSA 2013

by Derek Soeder, Christopher Abad, Gabriel Acevedo,

Summary : Last year at Black Hat, Argyros and Kiayias devastated all things pseudorandom in open-source PHP applications. This year, we're bringing PRNG attacks to the masses.
We'll point out flaws in many of the most common non-cryptographic pseudorandom number generators (PRNGs) and examine how to identify a PRNG based on a black-box analysis of application output. In many cases, most or all of the PRNG's internal state can be recovered, enabling determination of past output and prediction of future output. We'll present algorithms that run many orders of magnitude faster than a brute-force search, including reversing and seeking the PRNG stream in constant time. Finally, of course, we'll demonstrate everything and give away our tool so that you can perform the attacks during your own assessments.