Date: Tue, 25 Nov 2008 00:57:55 +0300
From: Stanislav Sedov <stas@FreeBSD.org>
To: Nate Eldredge <neldredge@math.ucsd.edu>
Cc: freebsd-security@freebsd.org
Subject: Re: [FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-08:11.arc4random
Message-ID: <20081125005755.d962ddf0.stas@FreeBSD.org>
In-Reply-To: <Pine.GSO.4.64.0811241001430.1597@zeno.ucsd.edu>
References: <200811241747.mAOHlDSE034716@freefall.freebsd.org> <Pine.GSO.4.64.0811241001430.1597@zeno.ucsd.edu>
On Mon, 24 Nov 2008 10:07:18 -0800 (PST)
Nate Eldredge <neldredge@math.ucsd.edu> mentioned:

> Upon reading this, my first question was whether the weakness applies to
> the random numbers supplied by /dev/random. If it does, then userspace has
> been getting non-random values, and things like PGP and SSH keys could be
> compromised. It might be good for secteam to clarify this, IMHO.
>

Userland applications are unaffected, ssh keys included. /dev/[u]?random receives entropy from Yarrow, not from arc4random, and is fed with saved entropy upon boot by /etc/rc.d/initrandom. Only kernel services that rely on arc4random(9) are vulnerable.

--
Stanislav Sedov
ST4096-RIPE