lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <4F173C9C-4140-4FF2-B447-36F9820E11FE@tallence.com>
Date: Fri, 8 Jul 2005 22:27:25 +0200
From: Stefan Bethke <s.bethke@...lence.com>
To: Kai Howells <kai.howells@...rp.com.au>
Cc: bugtraq@...urityfocus.com
Subject: Re: /dev/random is probably not


Am 07.07.2005 um 02:53 schrieb Kai Howells:

[ Mac OS X entropy pool being periodically saved to a file and used  
on boot to prime the PRNG ]

> Now this raises some interesting issues - such as where is the  
> entropy written to, and how much does this pool of entropy set the  
> state of the RNG after bootup - ie, if an attacker had control of  
> this file, could they influence the RNG in a deterministic fashion  
> after forcing a reboot?

$ ls -l /private/var/db/SystemEntropyCache
-rw-------   1 root  wheel  20 Jul  8 21:59 /private/var/db/ 
SystemEntropyCache

If an attacker can manipulate this file, he probably has much more  
effective tools to control the system...

FreeBSD 5 uses a similiar mechanism:
http://www.freebsd.org/cgi/man.cgi? 
query=random&apropos=0&sektion=4&manpath=FreeBSD+5.4-stable&format=html

$ sudo ls -la /var/db/entropy
total 20
drwx------  2 operator  operator   512 Jul  8 22:22 .
drwxr-xr-x  8 root      wheel      512 Jul  8 22:21 ..
-r--------  1 operator  operator  2048 Jul  8 22:22 saved-entropy.1
-r--------  1 operator  operator  2048 Jul  8 22:11 saved-entropy.2
-r--------  1 operator  operator  2048 Jul  8 22:00 saved-entropy.3
-r--------  1 operator  operator  2048 Jul  8 21:55 saved-entropy.4
-r--------  1 operator  operator  2048 Jul  8 21:44 saved-entropy.5
-r--------  1 operator  operator  2048 Jul  8 21:33 saved-entropy.6
-r--------  1 operator  operator  2048 Jul  8 21:22 saved-entropy.7
-r--------  1 operator  operator  2048 Jul  8 21:11 saved-entropy.8


-- 
Stefan Bethke <s.bethke@...lence.com>
Tallence GmbH, Baumwall 3, D-20459 Hamburg, Germany
Mobile +49 170 3460140, Office +49 40 360935-0, Fax +49 40 360935-10

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ