Date:      Tue, 25 Nov 2008 00:57:55 +0300
From:      Stanislav Sedov <stas@FreeBSD.org>
To:        Nate Eldredge <neldredge@math.ucsd.edu>
Cc:        freebsd-security@freebsd.org
Subject:   Re: [FreeBSD-Announce] FreeBSD Security Advisory FreeBSD-SA-08:11.arc4random
Message-ID:  <20081125005755.d962ddf0.stas@FreeBSD.org>
In-Reply-To: <Pine.GSO.4.64.0811241001430.1597@zeno.ucsd.edu>
References:  <200811241747.mAOHlDSE034716@freefall.freebsd.org> <Pine.GSO.4.64.0811241001430.1597@zeno.ucsd.edu>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, 24 Nov 2008 10:07:18 -0800 (PST)
Nate Eldredge <neldredge@math.ucsd.edu> mentioned:

> Upon reading this, my first question was whether the weakness applies to 
> the random numbers supplied by /dev/random.  If it does, then userspace has 
> been getting non-random values, and things like PGP and SSH keys could be 
> compromised.  It might be good for secteam to clarify this, IMHO.
> 

Userland applications are unaffected, ssh keys included. /dev/[u]?random
receives entropy from Yarrow, not from arc4random, and is fed with saved
entropy upon boot by /etc/rc.d/initrandom.

Only kernel services that rely on arc4random(9) are vulnerable.

- -- 
Stanislav Sedov
ST4096-RIPE
-----BEGIN PGP SIGNATURE-----

iEYEARECAAYFAkkrI2cACgkQK/VZk+smlYGvrwCfTEuy+4AIk/b6l6bxRX0tcVs0
PZMAniLO3ltjq5232cErhAtB7u5SJI4J
=UmVN
-----END PGP SIGNATURE-----



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20081125005755.d962ddf0.stas>