Re: [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator

To: Sam Morris <sam@robots.org.uk>
Cc: debian-security@lists.debian.org
Subject: Re: [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator
From: Florian Weimer <fw@deneb.enyo.de>
Date: Wed, 14 May 2008 19:16:13 +0200
Message-id: <[🔎] 87wslwlsbm.fsf@mid.deneb.enyo.de>
In-reply-to: <[🔎] pan.2008.05.14.09.14.17@robots.org.uk> (Sam Morris's message of "Wed, 14 May 2008 09:14:17 +0000 (UTC)")
References: <87od7az9v4.fsf@mid.deneb.enyo.de> <[🔎] 49bfd93c9ebbed9fc25e42e3402c3ddd@mail.steenfamilies.com> <[🔎] 200805132045.04871.jluehr@gmx.net> <[🔎] 482A5826.9020901@glimmer.demon.co.uk> <[🔎] 20080514023954.GC20663@khazad-dum.debian.net> <[🔎] 1210744798.6402.7.camel@hidalgo> <[🔎] pan.2008.05.14.09.14.17@robots.org.uk>

* Sam Morris:

> I agree it would be neat if someone with a powerful machine could 
> generate all possible keys. I don't know how long that would take 
> however...

It's not so much a time issue, is a question of storage (or getting that
data to the OpenSSH server).  A networked service would be feasible, but
it would also allow some sort of traffic analysis.

Reply to:

Follow-Ups:
- Re: [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator
  - From: Henrique de Moraes Holschuh <hmh@debian.org>

References:
- Re: [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator
  - From: daniel@steenfamilies.com <daniel@steenfamilies.com>
- Re: [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator
  - From: Jan Luehr <jluehr@gmx.net>
- Re: [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator
  - From: Nick Boyce <nick@glimmer.demon.co.uk>
- Re: [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator
  - From: Henrique de Moraes Holschuh <hmh@debian.org>
- Re: [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator
  - From: Yves-Alexis Perez <corsac@debian.org>
- Re: [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator
  - From: Sam Morris <sam@robots.org.uk>

Prev by Date: openssl / x509 certs
Next by Date: Re: [SECURITY] [DSA 1576-1] New openssh packages fix predictable randomness
Previous by thread: Re: [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator
Next by thread: Re: [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator
Index(es):
- Date
- Thread