[124202] in cryptography@c2.net mail archive

home help back first fref pref prev next nref lref last post

Re: The perils of security tools

daemon@ATHENA.MIT.EDU (Paul Hoffman)
Thu May 22 11:25:31 2008

In-Reply-To: <48299355.3060904@links.org>
Date: Tue, 13 May 2008 08:10:12 -0700
To: Ben Laurie <ben@links.org>, Cryptography <cryptography@metzdowd.com>
From: Paul Hoffman <paul.hoffman@vpnc.org>

I'm confused about two statements here:

At 2:10 PM +0100 5/13/08, Ben Laurie wrote:
>The result of this is that for the last two years (from Debian's 
>"Edgy" release until now), anyone doing pretty much any crypto on 
>Debian (and hence Ubuntu) has been using easily guessable keys. This 
>includes SSH keys, SSL keys and OpenVPN keys.

. . .

>[2] Valgrind tracks the use of uninitialised memory. Usually it is 
>bad to have any kind of dependency on uninitialised memory, but 
>OpenSSL happens to include a rare case when its OK, or even a good 
>idea: its randomness pool. Adding uninitialised memory to it can do 
>no harm and might do some good, which is why we do it. It does cause 
>irritating errors from some kinds of debugging tools, though, 
>including valgrind and Purify. For that reason, we do have a flag 
>(PURIFY) that removes the offending code. However, the Debian 
>maintainers, instead of tracking down the source of the 
>uninitialised memory instead chose to remove any possibility of 
>adding memory to the pool at all. Clearly they had not understood 
>the bug before fixing it.

The second bit makes it sound like the stuff that the Debian folks 
blindly removed was one, possibly-useful addition to the entropy 
pool. The first bit makes it sound like the stuff was absolutely 
critical to the entropy of produced keys. Which one is correct?

--Paul Hoffman, Director
--VPN Consortium

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com

home help back first fref pref prev next nref lref last post