Debian OpenSSL Predictable PRNG Toys
Popularity Report
 |
|||
|
|||
|
|||
|
|||
|
|||
|
Rank
URL Tag Cloud
- debian
- , security
- , ssh
- , openssl
- , ubuntu
- , linux
- , openssh
- , crypto
- , ssl
- , cryptography
- , bug
- , development
- , explanation
- , administration
- , Software
- , cool
- , tools
- , comics
- , encryption
Bookmark History
Saved by 8 people (0 private), first by anonymouse user on 2008-05-15
- Robertreeddaly on 2009-09-23 - Tags no_tag
- Mmkassem on 2008-05-25 - Tags debian , openssl , openssh , security , cryptography , ubuntu
- Mvance on 2008-05-19 - Tags no_tag
- Jackbaty on 2008-05-18 - Tags linux , security , ssh
- Unicyn on 2008-05-16 - Tags administration , article , comics , crypto , debian , development , encryption , openssh , security
Public Sticky notes
These lines were removed because they caused the Valgrind and Purify tools to produce warnings about the use of uninitialized data in any code that was linked to OpenSSL. You can see one such report to the OpenSSL team here. Removing this code has the side effect of crippling the seeding process for the OpenSSL PRNG. Instead of mixing in random data for the initial seed, the only "random" value that was used was the current process ID. On the Linux platform, the default maximum process ID is 32,768, resulting in a very small number of seed values being used for all PRNG operations.
Highlighted by fmavituna
Public Comment