Date: Mon, 8 Jan 2007 21:18:23 +0000 From: RW <fbsd06@mlists.homeunix.com> To: freebsd-questions@freebsd.org Subject: Re: pwgen's seeding looks insecure Message-ID: <20070108211823.4c4b51c9@gumby.homeunix.com> In-Reply-To: <EAE5160D-6B80-4C6A-BB8F-70518EE0711F@u.washington.edu> References: <20070108175314.27ce391f@gumby.homeunix.com> <20070108183645.GF41724@dan.emsphone.com> <EAE5160D-6B80-4C6A-BB8F-70518EE0711F@u.washington.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 8 Jan 2007 10:56:50 -0800 Garrett Cooper <youshi10@u.washington.edu> wrote: > On Jan 8, 2007, at 10:36 AM, Dan Nelson wrote: > > > In the last episode (Jan 08), RW said: > >> Someone recently recommended sysutils/pwgen for generating user > >> passwords. Out of curiosity I had a look at how it works, and I > >> don't like the look of its PRNG initialization: > >> > >> > >> #ifdef RAND48 > >> srand48((time(0)<<9) ^ (getpgrp()<<15) ^ (getpid()) ^ (time(0) > >> >>11)); > >> #else > >> srand(time(0) ^ (getpgrp() << 8) + getpid()); > >> #endif > >> > >> If pwgen is called from an account creation script, time(0) can be > >> inferred from timestamps, e.g. on a home-directory, so that just > >> leaves > >> getpid() and getpgrp(). PIDs are allocated sequentially and > >> globally, > >> so getpid() is highly predictable. I don't know much about > >> getpgrp(), but from the manpage it doesn't appear to be any better. > > > > Even better: make RANDOM() call random() instead of rand() I wasn't suggesting the use of getpgrp(), it's one of the existing three sources of entropy . The other two sources are can be inferred by any user (assuming that pwgen is run close to the point at which the account is created). What I was wondering is how much secure entropy there is in getpgrp() alone. I just wrote a little test program, and getpgrp() seems to return the same number as getpid. If I haven't screwed-up and that is generally correct, then any user can log PIDs verses time and find the password of a newly created account from the datestamp of its home directory, within a few attempts.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070108211823.4c4b51c9>