Congratulations to Amit Klein for the acceptance of his single author paper, “Cross layer attacks and how to use them (for DNS cache poisoning, device tracking and more)”, to IEEE Security and Privacy 2021

This work analyzes the prandom PRNG used in the Linux/android kernel, and its use for generating UDP source ports, IPv6 flow labels, and IPv4 IDs. The paper demonstrates attacks which infer the internal state of prandom from one OSI layer, and use it to predict values employed by another OSI layer. This enables to mount a very efficient DNS cache poisoning attack against Linux, and to track Linux and Android devices.

Posted by