Research Post: Cache Attacks on CTR_DRBG

This post presents results from our paper “Pseudorandom Black Swans: Cache Attacks on CTR_DRBG”. We illustrate how omissions in the threat model of a U.S government’s standard lead to a practical, end-to-end attack on the most popular generator contained within. It is based on work by Andrew Kwong, Shahar Paz, Daniel Genkin, Nadia Heninger, Eyal […]