On Mon, Mar 12, 2007 at 02:34:02PM +0800, Thomas Goirand wrote:
> Julien Cristau wrote:
> > Package: dtc-xen
> > Version: 0.2.6-5
> > Severity: important
> > Tags: security
> >
> > Hi,
> >
> > dtc-xen creates an ssl certificate in its postinst, using
> > "${RANDOM}${RANDOM}" as the passphrase. This is obviously insecure.
> >
> > Cheers,
> > Julien
>
> What do you suggest? Should I use mktemp to get the random values
> instead? Why is it insecure? Is ${RANDOM} predictable?

Why is it insecure? That is a good joke, really. You use $RANDOM$RANDOM;
not only does this not work in every sh, but it's only 32 bits of entropy
(and not necessarily good ones). Meaning that you can attack it brute-force
and crack it in 10^9 attempts in the worst case, and I expect better
implementations knowing that the "password" only contains digits.

If you want better passwords, do something like:

    dd if=/dev/random bs=64 count=1 2>|/dev/null | md5sum | cut -d' ' -f1

That looks like a really better guess. If you use that often you may want
to use /dev/urandom since /dev/random is a blocking device.

Here I use something that has 32 hexa digits, meaning 32 * 4 = 256 bits of
entropy. From a random source, where I read 64*8 = 1k bits of entropy.
_That_ is incredibly safer. If you want to refine it, you could use base64
encoding rather than md5sum; you would have a shorter passphrase for the
same entropy.

-- 
·O·  Pierre Habouzit
··O  [EMAIL PROTECTED]
OOO  http://www.madism.org
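
An added example, not part of the original thread and not dtc-xen's own code: a POSIX sh sketch of the /dev/urandom plus base64 approach suggested above, written so a maintainer script could use it. The function names (gen_passphrase, write_passfile, weak_keyspace) and the passphrase-file approach are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (hypothetical helper names); works in plain POSIX sh,
# which has no $RANDOM at all.

# gen_passphrase [NBYTES]: print NBYTES of kernel randomness as one text line.
# /dev/urandom does not block; bs=1 means dd cannot return a short read.
gen_passphrase() {
    nbytes=${1:-32}
    if command -v base64 >/dev/null 2>&1; then
        # base64: about 4 characters per 3 bytes (44 characters for 32 bytes)
        dd if=/dev/urandom bs=1 count="$nbytes" 2>/dev/null | base64 | tr -d '\n'
    else
        # Portable fallback: hex via od, 2 characters per byte
        dd if=/dev/urandom bs=1 count="$nbytes" 2>/dev/null |
            od -An -tx1 | tr -d ' \n'
    fi
    echo
}

# write_passfile PATH [NBYTES]: store a fresh passphrase in a file that only
# the owner can read, so it never appears in a process argument list.
# The subshell keeps the umask change local to this call.
write_passfile() {
    ( umask 077 && gen_passphrase "${2:-32}" > "$1" )
}

# weak_keyspace: upper bound on distinct "${RANDOM}${RANDOM}" strings,
# given that bash's RANDOM is an integer in 0..32767.
# Prints 1073741824, roughly 10^9.
weak_keyspace() {
    echo $(( 32768 * 32768 ))
}
```

A file written by write_passfile can be handed to openssl with its `-passout file:PATH` option instead of placing the passphrase on the command line.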