Date: Wed, 15 Jan 2014 11:25:15 -0800 From: Xin Li <delphij@delphij.net> To: Darren Pilgrim <list_freebsd@bluerosetech.com>, freebsd-stable@freebsd.org Subject: Re: [FreeBSD-Announce] FreeBSD Errata Notice FreeBSD-EN-14:01.random Message-ID: <52D6E09B.4000506@delphij.net> In-Reply-To: <52D6BF9C.8070405@bluerosetech.com> References: <201401142011.s0EKBoi7082738@freefall.freebsd.org> <52D6BF9C.8070405@bluerosetech.com>
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 01/15/14 09:04, Darren Pilgrim wrote: > On 1/14/2014 12:11 PM, FreeBSD Errata Notices wrote: >> III. Impact >> >> Someone who has control over these hardware RNGs would be able >> to predicate the output from random(4) and urandom(4) devices and >> may be able to reveal unique keys that are used to encrypt data. > > This is good to know, but I have to wonder: > > If the attacker has that level of access to the hardware, I would > expect one of two things is also true: > > 1. If you're on "bare metal", the attacker has firmware-level or > physical access to the machine; 2. If you're on a hypervisor, you > can't trust the hypervisor; > > In both cases, I would think the attacker can use much simpler, > more direct vectors and you have much worse things to worry about > than the quality of /dev/random. I'm not questioning the validity > of the advisory, I'm genuinely curious about this. I can't think > of a scenario were someone could attack /dev/random using this > vector without 1 or 2 above also being true. Not necessarily. An attacker may plant a (well, technically) trapdoor which weaken the keys but not to the extent to expose a easy-to-find issue by manipulating the random number generator. At a later time, the attacker may be able to use this advantage to do bad things, like it may take very limited time or resource to decrypt data from the victim system, *without* having any direct access to the system. Cheers, - -- Xin LI <delphij@delphij.net> https://www.delphij.net/ FreeBSD - The Power to Serve! Live free or die -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJS1uCbAAoJEJW2GBstM+nsIsQP/RUDzsi9AbSEpUBudpOF+WHN WBLC66rKBavnB32LSi4QFCNq5EtjnjyaWD4dl1wlSgtw+I0eOfA4ATX5DKTESBpL aByB+Gtdg6vtMrexmaUSITqlp402lY6mB9ekKCWnbXaHmo2AzTaibkgmrmUMJ5sM PLc2hR38Gn0Lb8cy9OYfbdZxDeofM1TsgtKLtgEnbwaB/20xRsEQQ4SELawnJ6vV IvSXJgQYvWMq1VbD8+5EK5DRkRHpqWlIGFEz/ioMqfvbFfpI0OAqabLk/UzGUz3Y zqFQDoVn6ttz1GfM5TuKCX7LdcICeTpiHOf0HCGiK0ajPTPddBD75BDzIWqucVy2 h6ZQYKJNVkCj3EY5eVHM6mD8ezYvUk8U7GwhVgzbhouXqMpYhXi9VWx/m40Z+08c Jpb0dMh4cvjb0//d6ahkizlVLTOFwAJDnLBZuZqnm+cvRhdCZMJVrz24tAxpYcP7 Zo7FxN9zbCadv+OTaajBhLBogG0vAAqydIUKRMAUv8nZU31vnu6bkyw58Y4Ce8Fs IYutyFlLSZNKAp0HLR+X3kYTpdjly7k65F8OVComOdjM9FSqz2x+vldmxKAyX17e 2Lu48ozefkEcIbW7BgY5ZYhK9qmnxERzxPYZniX8VoK7x0tkMhvHAbrqXWwctwY5 xVYdIkfZt3CIVjE5oUVA =ZzTR -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?52D6E09B.4000506>