Bilkent University
Department of Computer Engineering


Analysis of Android Random Number Generator


Serkan Sarıtaş
MSc Student
Computer Engineering Department
Bilkent University

Randomness is a crucial resource for cryptography, and random number generators are critical building blocks of almost all cryptographic systems. Therefore, random number generation is one of the key parts of secure communication. Problematic random number generation process may result in breaking the encrypted communication channel; because the encryption keys are obtained by using the random numbers. For the computers and smart devices, generation of random numbers is done by operating ystems. Because of the importance of the random number generation, this process should be analyzed deeply and cryptographically for different operating systems.

From this perspective, we studied Android random number generation process by looking the source codes and found that security of random number generation of Android relies on the security of random number generation of Linux. Then we analyzed Android random number generator by modifying the kernel source code and applying some tests on its entropy estimator. Finally, we looked for possible weaknesses during startup of Android devices.

Keywords: Cryptography, SecureRandom , random number generation/generators, Linux RNG, Android RNG, entropy estimator.


DATE: 17 May, 2013, Friday @ 14:30