Re: Randomness Attacks Against PHP Applications

[Kurt Seifried <kseifried () redhat com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 09/17/2012 10:58 AM, Raphael Geissert wrote:
> On Monday 17 September 2012 10:36:46 Josh Bressers wrote:
> > > On Wed, Aug 22, 2012 at 02:31:07PM +0400, Solar Designer
> > > wrote: Maybe these PoCs will help convince someone.
>
> Just a note regarding the sessionid case: IIRC since 5.4 
> session.entropy_length is set to, erm, 32 (bytes.) Basically it
> appends N bytes from /dev/urandom to the other input for the digest
> and then it is computed. (why 32 bytes, and why still use md5 by
> default, well...)
>
> > I'm skeptical they will. I've been doing a lot of work for the
> > past year on various proactive security efforts. I keep coming
> > back to two basic things.
> [...]
> > Has anyone tried to talk to them about this further to see if the
> > issue is they don't understand, or are they being stubborn?
>
> I think the main problem is education. For instance, there is no
> word about mt_rand not being suitable for criptographic pourposes
> (much less what that means.)

Agreed. One example of a similar problem with good images displaying
the issue clearly:

http://lcamtuf.coredump.cx/newtcp/

> Sure, searching for "crypt" in the page shows a few comments saying
> that it isn't suitable, but: a) there are far more "encryption
> functions", "random password generators", and similar stuff in the
> comments than those that do mention its weaknesses. b) the official
> documentation itself doesn't say a word. It should say it loud and
> clear.
>
> Comments should also be moderated. Many examples available as
> comments in the documentation are incorrect.
>
> Now, pointing it out is easy, but somebody has to actually do the
> work. *That* is another issue.
>
> Cheers,


- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/

iQIcBAEBAgAGBQJQV8y7AAoJEBYNRVNeJnmTMsYP/jMjcOslDu6l8aoxpSqNcFmB
hdRaVRNxBh3A/IK0Vg0syR1vmP8ShFlJCEZ9XUc+8v0E/s75EO6fWNsntKTSZY5s
A646R13ENc46aPhBi2feO7PX/bVTsJVvwVMMrKLlwTWIGoyfbemAjkWRE5VBwr6x
U+R1tp97wpK65LGjwmImgzCJMUqBXGuemm+jpJTMBltcACKvGp7h28wfJL66UR76
mSV0F7YisjZ3gKHv5DmKxlzVRNx9KcKM3qaMjWVuAIicMz3CBsbJ68WXVRbraV0Q
dXtkh5Uo/dfnfjXC6rPAMwkqOb7tdIB076alxTq16C2hbXrUVgroysJ4C4v16XTk
qkZOH6jcZYWiQai/tDQA/DNAsKbBTNj8N6JRX7y1i0d8l1SGv+fbGtG2qTeZEs5R
XhoVxKpEQUWrEU5yi7ToVasjqXUrE4cvD3n6RUX0s6IODjbm6Zbow/+F4PWIFJWF
wr2GC9nGn3RKicLxi+/mUWgtukZljfneYJu0i+R9DPDjwd0IxgpaWre3c//JurK5
AVX9clRdEEUZD4chzqDRdzv2xmJLDcevOo29s2XC8DzePWGRO+D7t+RhQkQ4C7JB
AaZyGKCr9tosPKUVWm7UGIAWxvHaIBsvfcH6V+lGSMkeyCIeAYFV+cWjgP/aZnno
Xeicv9GFtZPRw5ThRyFi
=D8kI
-----END PGP SIGNATURE-----