Date: Tue, 28 Apr 2015 08:52:34 +0300
From: Solar Designer <solar@...nwall.com>
To: oss-security@...ts.openwall.com
Subject: Re: CVE request: kernel overestimates the available entropy in random pools

On Mon, Apr 27, 2015 at 10:02:10PM -0400, Wade Mealing wrote:
> "When we write entropy into a non-empty pool, we currently don't
> account at all for the fact that we will probabilistically overwrite
> some of the entropy in that pool.  This means that unless the pool is
> fully empty, we are currently *guaranteed* to overestimate the amount
> of entropy in the pool!"

This is a fine description, albeit one not explaining whether there's
practical impact or not, and what it is.  This might be fatal or it
might be a non-issue depending on what exactly happens under the hood.

> The impact of this issue could be to downgrade the kernel's true
> RNG to a pseudo-RNG.

To me, this is a non-description continuing the usual confusion about
/dev/random vs. /dev/urandom.  These do differ, but not in that way.

http://www.2uo.de/myths-about-urandom/

"Myths about /dev/urandom
[...]
/dev/urandom is a pseudo random number generator, a PRNG, while
/dev/random is a true random number generator. 

Fact: Both /dev/urandom and /dev/random are using the exact same CSPRNG
(a cryptographically secure pseudorandom number generator). They only
differ in very few ways that have nothing to do with true randomness."

I don't object to this getting a CVE ID assigned and being treated as a
vulnerability (which might or might not be required).  I object to us
trying to use simple and wrong wording to paper over a non-trivial and
controversial topic.  (There are also simple words that are not wrong,
but they won't address this specific bug's impact or lack thereof.)

If we don't know whether there's impact and what it is, just say so.

Alexander
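
A toy model of the accounting gap described in the quoted commit text, added here as an illustration; it is not code from this thread or from the kernel. The 4096-bit pool size and the assumption that each credited bit lands on a uniformly random pool position are choices made for this sketch only.

```c
#include <stdio.h>
#include <string.h>

#define POOL_BITS 4096u  /* assumed pool size for this model, not from the thread */

/* Accounting the quoted text criticises: every credited bit counts in full. */
static unsigned naive_credit(unsigned est, unsigned add)
{
    return est + add > POOL_BITS ? POOL_BITS : est + add;
}

/* Model assumption: each credited bit lands on a uniformly random pool
 * position, and landing on a position that already counts gains nothing.
 * The expected gain per bit is therefore (1 - est / POOL_BITS). */
static double overwrite_aware_credit(double est, unsigned add)
{
    for (unsigned i = 0; i < add; i++)
        est += 1.0 - est / POOL_BITS;
    return est;
}

/* Deterministic xorshift64 so the simulation is reproducible. */
static unsigned long long xorshift64(unsigned long long *s)
{
    *s ^= *s << 13; *s ^= *s >> 7; *s ^= *s << 17;
    return *s;
}

/* Monte Carlo check of the same model: mark `start` positions as holding
 * entropy, drop `add` bits at random positions, average the marked count. */
static double simulate(unsigned start, unsigned add, unsigned trials)
{
    static unsigned char pool[POOL_BITS];
    unsigned long long seed = 0x9E3779B97F4A7C15ULL, total = 0;
    for (unsigned t = 0; t < trials; t++) {
        memset(pool, 0, sizeof pool);
        memset(pool, 1, start);
        for (unsigned i = 0; i < add; i++)
            pool[(xorshift64(&seed) >> 33) % POOL_BITS] = 1;
        for (unsigned i = 0; i < POOL_BITS; i++)
            total += pool[i];
    }
    return (double)total / trials;
}

int main(void)
{
    printf("naive=%u model=%.1f simulated=%.1f\n", naive_credit(2048, 1024),
           overwrite_aware_credit(2048, 1024), simulate(2048, 1024, 200));
    return 0;
}
```

The model shows only that the naive estimate exceeds the expected count once the pool is partly full; it says nothing about practical impact, which the message above leaves open.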