Abstract
Constant blinding is an efficient countermeasure against just-in-time (JIT) spraying attacks. Unfortunately, this mitigation mechanism is not always implemented correctly. One such example is the constant blinding mechanism found in the Adobe Flash Player. Instead of choosing a strong mainstream pseudo-random number generator (PRNG), the Flash Player designers chose to implement a proprietary one. This led to the discovery of a vulnerability that can be exploited to recover the initial seed used by the PRNG and thus, to bypass the constant blinding mechanism. Using this vulnerability as a starting point, we show that no matter the parameters used by the previously mentioned PRNG it still remains a weak construction. A consequence of this study is an improvement of the seed recovering mechanism from previously known complexity of \(\mathcal O(2^{21})\) to one of \(\mathcal O(2^{11})\).
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
The DEP mechanism performs additional checks on memory to help prevent malicious code from running on a system.
- 2.
i.e., the seed used to generate the cookie can be recovered in reasonable time.
References
A Full Exploit of CVE-2017-3000 on Flash Player Constant Blinding PRNG. https://github.com/dangokyo/CVE-2017-3000/blob/master/Exploiter.as
Left Shift and Right Shift Operators. https://docs.microsoft.com/en-us/cpp/cpp/left-shift-and-right-shift-operators-input-and-output?view=vs-2017
Source Code for the Actionscript Virtual Machine. https://github.com/adobe-flash/avmplus/tree/master/core/MathUtils.cpp
Using the GNU Compiler Collection. https://gcc.gnu.org/onlinedocs/gcc/Integers-implementation.html
Vulnerability Details: CVE-2017-3000. https://www.cvedetails.com/cve/CVE-2017-3000/
Athanasakis, M., Athanasopoulos, E., Polychronakis, M., Portokalidis, G., Ioannidis, S.: The devil is in the constants: bypassing defences in browser JIT engines. In: NDSS 2015. The Internet Society (2015)
Blazakis, D.: Interpreter exploitation. In: WOOT 2010. USENIX Association (2010)
Reshetova, E., Bonazzi, F., Asokan, N.: Randomization can’t stop BPF JIT spray. In: Yan, Z., Molva, R., Mazurczyk, W., Kantola, R. (eds.) NSS 2017. LNCS, vol. 10394, pp. 233–247. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-64701-2_17
Wang, C., Huang, T., Wu, H.: On the weakness of constant blinding PRNG in flash player. In: Naccache, D., et al. (eds.) ICICS 2018. LNCS, vol. 11149, pp. 107–123. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-01950-1_7
Ward, G.: A recursive implementation of the perlin noise function. In: Graphics Gems II, pp. 396–401. Elsevier (1991)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
A Additional Algorithms
A Additional Algorithms
In [9] the algorithm used to invert g is not presented in full. Based on the descriptions found in [1, 9] we present the full algorithm in Algorithm 7. Note that the algorithm works for any generic polynomial g, not only for the one used in the Flash Player PRNG. Note that \( { \& }S\) means that we pass S by reference.
The only algorithm we found for reversing the Flash Player PRNG is described in [1]. We improve their attack in Algorithm 8. To reverse the bit manipulation function f and the polynomial g we use the abstract functions \(Reverse\_bit\_manipulation\) and \(Reverse\_polynomial\), respectively. Remark that Algorithm 8 works for any generic polynomial g and any generic function \(h(x) = p \cdot x \bmod 2^n\) with p odd. In the Flash Player case we have \(p^{-1} \equiv 3811027319 \bmod 2^{32}\).
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Teşeleanu, G. (2019). Reinterpreting and Improving the Cryptanalysis of the Flash Player PRNG. In: Carlet, C., Guilley, S., Nitaj, A., Souidi, E. (eds) Codes, Cryptology and Information Security. C2SI 2019. Lecture Notes in Computer Science(), vol 11445. Springer, Cham. https://doi.org/10.1007/978-3-030-16458-4_7
Download citation
DOI: https://doi.org/10.1007/978-3-030-16458-4_7
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-16457-7
Online ISBN: 978-3-030-16458-4
eBook Packages: Computer ScienceComputer Science (R0)