Billions of IoT Devices at Risk Because the RNG Module Doesn’t Always Produce Random Numbers

Security researchers have identified a vulnerability in the hardware random number generators (RNG) implemented in billions of IoT devices, which in theory would undermine the cryptographic process by providing not-so-random numbers.

Most modern IoT devices have a piece of dedicated hardware named RNG, implemented at the systems-on-a-chip (SoC) level, which is interrogated from the OS level whenever the need arises for a private key. While the process should be technically more than sufficient to produce unique numbers, it turns out that it doesn’t happen under several scenarios.

Due to a series of factors identified by Bishop Fox researchers, the RNG module doesn’t always work as it should.

“But it turns out that these ‘randomly’ chosen numbers aren’t always as random as you’d like when it comes to IoT devices,” said the researchers. “In fact, in many cases, devices are choosing encryption keys of 0 or worse. This can lead to a catastrophic collapse of security for any upstream use.”

When the OS calls for a random number, two critical results have to be taken into consideration. The module offers a random number, but it can also return values specific to any number of error cases. As the researchers found out, no one really cares about these errors, and the OS ignores them, for the most part.

“So, the first question you might be asking is, ‘How many people out there in the wild actually check this error code?’ Unfortunately, the answer is almost nobody,” researchers added.

Three different problems can occur. RNG will produce a number using only partial entropy (not truly random), the number 0 or uninitialized memory. None of these scenarios are ideal, and researchers say that many IoT devices are likely offering 0 crypto keys.

The researchers conclude that this problem affects the entire IoT industry and recommend implementing a cryptographically secure pseudorandom number generator (CSPRNG) at the OS level. It’s not the kind of problem that can be fixed with a patch, and it will take some time before the industry catches up.