Don’t _miss

Wire Festival

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nullam blandit hendrerit faucibus turpis dui.

Useful links

Call For Papers

Tickets & Merch

Sponsorship

Presentations

Workshop sessions

Speakers

Venue info

 

<We_can_help/>

What are you looking for?

<Good_things_happen/> Welcome to Conference

d

Copyright @ Select-themes

Follow us

>Recovering Secret Keys from E2EE Chat Messages using SAT Solvers

Recovering Secret Keys from E2EE Chat Messages using SAT Solvers

We looked into the end-to-end encrypted chat app ginlo and found that it uses the non-cryptographically secure pseudorandom number generator (non-CSPRNG) R250 for some of its random number generation on iOS. This allowed an attacker to recover a user’s long-term identity and message encryption keys from 75 consecutively received messages within a few seconds on a consumer laptop.
To break other non-CSPRNGs, SAT solvers have been employed in the past. This talk will first discuss how to identify PRNGs that can efficiently be attacked with SAT solvers and what a SAT solver is, before introducing the example of the R250 PRNG in detail, along with its use in ginlo’s end-to-end encryption protocol implemention in its iOS app. Finally, the knowledge is combined to develop the proof of concept attack on ginlo.