
Re^6: Your random numbers are not that random (UtS,L)

by cavac (Chaplain)
on Jul 22, 2012 at 19:40 UTC (#983082)


in reply to Re^5: Your random numbers are not that random (UtS,L)
in thread Your random numbers are not that random

but password/session key generation can be made reasonably secure even with a nonfunctional RNG

Really? How? That is a pretty big assumption.

How do you protect against predictably generated keys? Say, if the device does not have a hardware clock (and this one doesn't) and the program is started as part of the startup scripts, you end up with a very predictable set of constraints (process id, system time, memory layout, ...).

While it may take a lot of raw processing power to compute the tables, you may only have to do it once. So, access to a bunch of high performance computers with good GPUs and a week or two of waiting may be all that's needed. Say, a few computers optimized for bitcoin mining. Or an attacker could just rent a botnet for a day or two.

Even if it's only "session keys" that expire after a few minutes. The encrypted data can be stored and decrypted later. With any luck, the session contains a few passwords or other sensitive information that are valid much longer.

You see, there is no "reasonable" security. It either works, or it doesn't.

"I know what I'm doing! Look, what could possibly go wrong? All I have to pull this lever like so, and then press this button here like ArghhhhhaaAaAAAaaagraaaAAaa!!!"
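
The concern raised in the post above (keys derived only from process id and system time on a clockless device started from boot scripts), as an added example that is not part of the original thread. The generator functions, the `distinct_keys` check and the pid/time ranges are constructed assumptions, and the script assumes `/dev/urandom` is available.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Hypothetical key generator of the kind the post warns about: its only
# inputs are the process id and the system time, both nearly fixed on a
# clockless device that starts the program from its boot scripts.
sub weak_session_key {
    my ($pid, $time) = @_;
    srand($pid ^ $time);                    # the seed is the only entropy
    return join '', map { sprintf '%02x', int rand 256 } 1 .. 16;
}

# Generator that ignores those inputs and reads the kernel CSPRNG instead.
sub strong_session_key {
    open my $fh, '<:raw', '/dev/urandom' or die "urandom: $!";
    read($fh, my $buf, 16) == 16 or die "short read from urandom";
    return unpack 'H*', $buf;
}

# Defender's check: how many distinct keys can a generator emit across
# every (pid, time) pair the device could plausibly have at startup?
sub distinct_keys {
    my ($gen, $pids, $times) = @_;
    my %seen;
    for my $pid (@$pids) {
        $seen{ $gen->($pid, $_) }++ for @$times;
    }
    return scalar keys %seen;
}

# Constructed constraints: the clock resets to epoch 0 at boot, the
# program starts 20-29 s later and receives one of the pids 300-363.
my @pids  = 300 .. 363;
my @times = 20 .. 29;
my $draws = @pids * @times;

my $weak   = distinct_keys(\&weak_session_key, \@pids, \@times);
my $strong = distinct_keys(sub { strong_session_key() }, \@pids, \@times);

printf "startup states considered: %d\n", $draws;
printf "pid/time-seeded generator: %d distinct 128-bit keys (~%.1f bits)\n",
    $weak, log($weak) / log(2);
printf "urandom generator:         %d distinct keys in %d draws\n",
    $strong, $draws;
```

The seeded generator can never produce more keys than there are distinct seeds, so the nominal 128-bit key length says nothing about its strength; the count is what an audit of such a device should report.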


Re^7: Your random numbers are not that random (UtS,L)
by Anonymous Monk on Jul 22, 2012 at 20:21 UTC

    A very predictable set of constraints and a few KB of salt.

Re^7: Your random numbers are not that random (UtS,L)
by BrowserUk (Pope) on Jul 22, 2012 at 20:22 UTC
    You see, there is no "reasonable" security. It either works, or it doesn't.

    The 6-pin rim lock and 2 deadbolts on my front door can be defeated by a Challenger 2, but given the likely risks, they form "reasonable security".

    Overstatement of risk is as damaging as understatement.


    With the rise and rise of 'Social' network sites: 'Computers are making people easier to use everyday'
    Examine what is said, not who speaks -- Silence betokens consent -- Love the truth but pardon error.
    "Science is about questioning the status quo. Questioning authority".
    In the absence of evidence, opinion is indistinguishable from prejudice.

    The start of some sanity?

      You are right, of course.

      Problem is, in cryptography there are probably only a handful of people worldwide for each algorithm that can actually tell you which parts of the system you can leave out while only degrading the encryption product from "secure" to "still reasonably secure". Even a single, small error can lead to "not secure at all".

      So, what I meant is, a non-specialist should assume that he/she can only turn the "secure" switch on and off but probably does not have the knowledge to tweak it to a point somewhere in between.

      As Dan Kaminsky said about the Debian SSL disaster (the non-randomness introduced to fix a memory access bug that wasn't one): "You know, it's not a private key if there's only 1 out of 65.000 of them". YouTube video at 21:00. There is more on Dan's blog.

      "I know what I'm doing! Look, what could possibly go wrong? All I have to pull this lever like so, and then press this button here like ArghhhhhaaAaAAAaaagraaaAAaa!!!"
