Date: Thu, 1 Nov 2007 13:17:40 +0100
From: Henrik Langos <hlangos-bugtraq@...ominate.com>
To: bugtraq@...urityfocus.com
Subject: Re: Comments re ISC's announcement on bind9 security

Dear Shane,

I have no deep insight into the development of bind8/9, nor do I follow
their security track record closely enough to judge any of your points
regarding its security.

I beg to differ on a point of terminology though. 

On Wed, Oct 31, 2007 at 02:44:35PM +0100, Shane Kerr wrote:
>
> My own take on it is that "crypto" implies that
> information is hidden in some way. 

The "information hidden in some way" is the next sequence number. Since
you are using a PRNG in an open source application, there is no secret in
the algorithm but only in the inner state of your PRNG, which is determined
from its initial state and the number of rounds it has been going
for. (simplifying a bit here)

If the claim is true that the next sequence number generated by the PRNG
of bind9 can be guessed after seeing about a dozen of them, then the
"hidden information" is revealed to an attacker.

This to me seems to validate usage of the term "weak crypto".

> Not all security-related technology is
> cryptography. For instance, putting per-user limits on resources prevents
> certain kinds of denial-of-service attacks, but it is certainly not "crypto".
> 
> Because a lot of techniques in cryptography require good random numbers, it has
> been widely studied by cryptographers. Therefore if you want a good
> pseudo-random number generator, it is probably a good idea to see what the state
> of the art in the cryptography field is. But random number generation is not
> "crypto" any more than using a series of bit shift and XOR operations is crypto.

You are right about the fact that not all security-related technology is
cryptography. And you would even be right if you had said that not all
random number generation is cryptography. 

If I had a device that generated true random numbers, I wouldn't call that device 
a "crypto" device. But _pseudo_ random number generators used for _security purposes_ 
(and the sequence number is a security mechanism, right?) decidedly are crypto.

Best regards
-h.langos

-- 
Speaking for myself and myself only.
<Insert your favourite disclaimer here>
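
Added example, not part of the original message and not BIND 9's generator: a constructed toy PRNG whose algorithm is public and whose only secret is its inner state, showing how a dozen observed sequence numbers narrow down what the next one can be, next to an ID drawn from the OS CSPRNG. All names and constants here are assumptions made for illustration.

```python
import secrets

# Constructed toy generator: a 32-bit LCG that exposes only its top 16 bits
# as the "sequence number". This is NOT BIND 9's algorithm; the constants are
# the classic ANSI C rand() ones, chosen purely for illustration.
A, C, MASK = 1103515245, 12345, 0xFFFFFFFF

def step(state):
    """Advance the (public) algorithm by one round."""
    return (A * state + C) & MASK

def emit(state, count):
    """Return `count` 16-bit outputs and the final internal state."""
    out = []
    for _ in range(count):
        state = step(state)
        out.append(state >> 16)
    return out, state

def consistent_states(observed):
    """All internal states (after the last output) that explain `observed`."""
    survivors = []
    for low in range(1 << 16):            # the only hidden part: 16 low bits
        state = (observed[0] << 16) | low
        for expected in observed[1:]:
            state = step(state)
            if state >> 16 != expected:
                break                     # candidate contradicts an output
        else:
            survivors.append(state)
    return survivors

def possible_next(observed):
    """Every value the next sequence number could take, given the outputs."""
    return sorted({step(s) >> 16 for s in consistent_states(observed)})

def csprng_id():
    """A 16-bit ID from the OS CSPRNG; past IDs do not narrow down the next."""
    return secrets.randbelow(1 << 16)

if __name__ == "__main__":
    seen, hidden = emit(secrets.randbits(32), 12)   # constructed sample run
    print("candidates for next ID:", possible_next(seen))
    print("actual next ID:        ", step(hidden) >> 16)
    print("CSPRNG-derived ID:     ", csprng_id())
```

A single observed value leaves all 65536 inner states possible; each further value discards the candidates that contradict it.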
