Random number generator attack
===Debian OpenSSL===
In May 2008, security researcher [[Luciano Bello]] revealed his discovery that changes made in 2006 to the random number generator in the version of the [[OpenSSL]] package distributed with [[Debian]] [[Linux]] and other Debian-based distributions, such as [[Ubuntu (operating system)|Ubuntu]], reduced the total entropy to the process ID and made a variety of security keys vulnerable to attack.<ref>{{cite web |title=DSA-1571-1 openssl -- predictable random number generator |url=http://www.debian.org/security/2008/dsa-1571 |work=[[Debian]] Security Advisory |date=13 May 2008}}</ref><ref>{{cite web |title=CVE-2008-0166 |url=https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0166 |work=[[Common Vulnerabilities and Exposures|CVE]] |date=January 9, 2008 |quote=OpenSSL 0.9.8c-1 up to versions before 0.9.8g-9 on Debian-based operating systems uses a random number generator that generates predictable numbers, which makes it easier for remote attackers to conduct brute force guessing attacks against cryptographic keys.}}</ref> The security weakness was caused by changes made to the OpenSSL code by a Debian developer in response to compiler warnings of accessing [[Uninitialized variable|uninitialized memory]].<ref>{{cite web |title=Random Number Bug in Debian Linux |url=https://www.schneier.com/blog/archives/2008/05/random_number_b.html |author=Schneier, Bruce |date=May 19, 2008}}</ref> This caused a massive worldwide regeneration of keys, and despite all the attention the issue received, it can be assumed that many of these old keys are still in use. Key types affected include [[Secure Shell|SSH]] keys, [[OpenVPN]] keys, [[DNSSEC]] keys, key material for use in [[X.509 certificate]]s and [[session key]]s used in [[SSL/TLS]] connections. Keys generated with GnuPG or GnuTLS are not affected, as these programs used different methods to generate random numbers. Keys generated by non-Debian-based Linux distributions are also unaffected.

The weak-key-generation vulnerability was promptly patched after it was reported, but any services still using keys that were generated by the old code remain vulnerable. A number of software packages now contain checks against a weak key blacklist to attempt to prevent use of any of these remaining weak keys, but researchers continue to find weak key implementations.<ref>{{Cite web | url=http://theregister.co.uk/2015/06/03/compromised_ssh_keys_used_to_access_uk_govt_spotify_github_repos/ |title = Compromised SSH keys used to access Spotify, UK Govt GitHub repos|website = [[The Register]]}}</ref>
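
A blacklist check of the kind described above is feasible because a generator whose only varying input is the process ID can produce only as many distinct keys as there are process IDs. The following added example (not code from OpenSSL, Debian or this article) models that with a toy SHAKE-256 key derivation; the function names and the 32768 PID limit (the Linux default) are assumptions.

```python
import hashlib
import os

# Assumption: default Linux pid_max, so usable PIDs are 1..32767.
PID_MAX = 32768


def toy_keygen(seed: bytes, nbytes: int = 32) -> bytes:
    """Toy stand-in for key generation: deterministic expansion of the seed.
    This is NOT OpenSSL's algorithm; it only models 'same seed, same key'."""
    return hashlib.shake_256(b"toy-keygen" + seed).digest(nbytes)


def weak_seed(pid: int) -> bytes:
    """Model of the flawed generator state: the process ID is the only input."""
    return pid.to_bytes(2, "big")


def strong_seed() -> bytes:
    """Seed drawn from the operating system's CSPRNG, for comparison."""
    return os.urandom(32)


def fingerprint(key: bytes) -> str:
    """Blacklists store a digest of each key, not the key itself."""
    return hashlib.sha256(key).hexdigest()


def build_blacklist() -> frozenset:
    """Enumerate every key the PID-only generator can ever emit."""
    return frozenset(
        fingerprint(toy_keygen(weak_seed(pid))) for pid in range(1, PID_MAX)
    )


def is_weak(key: bytes, blacklist: frozenset) -> bool:
    """The check a service would run before accepting a key."""
    return fingerprint(key) in blacklist


if __name__ == "__main__":
    blacklist = build_blacklist()
    old_key = toy_keygen(weak_seed(4242))   # constructed sample: PID 4242
    new_key = toy_keygen(strong_seed())
    print("possible weak keys:", len(blacklist))
    print("key from PID-only seed rejected:", is_weak(old_key, blacklist))
    print("key from OS entropy rejected:", is_weak(new_key, blacklist))
```

The whole weak key space fits in a set of 32767 digests, which is why regenerating keys, rather than patching alone, was required for affected systems.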