oss-sec mailing list archives
Re: CVE for crypto_get_random() from libsrtp
From: Scott Arciszewski <scott () paragonie com>
Date: Fri, 31 Jul 2015 09:38:52 -0400
On Fri, Jul 31, 2015 at 8:47 AM, Adam Maris <amaris () redhat com> wrote:
Hello,

I've got a question whether this bug (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=793971) is CVE-worthy? Could it be classified as CWE-330: Use of Insufficiently Random Values?

According to the SRTP documentation (http://srtp.sourcearchive.com/documentation/1.4.2.dfsg/group__SRTP_g1d4c228c6a58096dfab3cefbabd66f17.html), it provides 80 bits of random data, which is quite borderline.

Thanks.

--
Adam Maris / Red Hat Product Security

I would consider 80 bits insufficient for cryptography, but it's not really exploitably weak (like, say, rand() would be). Whether or not it warrants a CVE is obviously MITRE's discretion.

2^80 is out of reach for most people to brute force in 2015 (maybe even for intelligence agencies), but 2^100 is generally the lower bound of acceptable.

Just my $0.02.

Scott Arciszewski
Chief Development Officer
Paragon Initiative Enterprises <https://paragonie.com>