Re: [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator

To: Florian Weimer <fw@deneb.enyo.de>
Cc: Sam Morris <sam@robots.org.uk>, debian-security@lists.debian.org
Subject: Re: [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator
From: Henrique de Moraes Holschuh <hmh@debian.org>
Date: Wed, 14 May 2008 22:03:14 -0300
Message-id: <[🔎] 20080515010314.GC3415@khazad-dum.debian.net>
In-reply-to: <[🔎] 87wslwlsbm.fsf@mid.deneb.enyo.de>
References: <87od7az9v4.fsf@mid.deneb.enyo.de> <[🔎] 49bfd93c9ebbed9fc25e42e3402c3ddd@mail.steenfamilies.com> <[🔎] 200805132045.04871.jluehr@gmx.net> <[🔎] 482A5826.9020901@glimmer.demon.co.uk> <[🔎] 20080514023954.GC20663@khazad-dum.debian.net> <[🔎] 1210744798.6402.7.camel@hidalgo> <[🔎] pan.2008.05.14.09.14.17@robots.org.uk> <[🔎] 87wslwlsbm.fsf@mid.deneb.enyo.de>

On Wed, 14 May 2008, Florian Weimer wrote:
> > I agree it would be neat if someone with a powerful machine could 
> > generate all possible keys. I don't know how long that would take 
> > however...
> 
> It's not so much a time issue, is a question of storage (or getting that
> data to the OpenSSH server).  A networked service would be feasible, but
> it would also allow some sort of traffic analysis.

I did mean putting a lot of brain grease on it.  Math might shorten the
need for a monstrous lookup table quite a bit, since randomness is not
an issue anymore.   Or it might not.  I am not qualified or skilled on
the math needed for such analysis to really know.

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh

Reply to:

Follow-Ups:
- Re: [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator
  - From: Florian Weimer <fw@deneb.enyo.de>

References:
- Re: [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator
  - From: daniel@steenfamilies.com <daniel@steenfamilies.com>
- Re: [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator
  - From: Jan Luehr <jluehr@gmx.net>
- Re: [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator
  - From: Nick Boyce <nick@glimmer.demon.co.uk>
- Re: [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator
  - From: Henrique de Moraes Holschuh <hmh@debian.org>
- Re: [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator
  - From: Yves-Alexis Perez <corsac@debian.org>
- Re: [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator
  - From: Sam Morris <sam@robots.org.uk>
- Re: [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator
  - From: Florian Weimer <fw@deneb.enyo.de>

Prev by Date: Re: [SECURITY] [DSA 1571-1] vulnerability of past SSH/SSL sessions
Next by Date: Re: [SECURITY] [DSA 1571-1] vulnerability of past SSH/SSL sessions
Previous by thread: Re: [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator
Next by thread: Re: [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator
Index(es):
- Date
- Thread