[albatross-users] ModularSessionFileApp and windows

Andrew McNamara andrewm at object-craft.com.au
Fri Apr 5 20:59:31 EST 2002


>> I have some concerns about the use of the "random" module for generating
>> session keys: they're seeded from the real-time clock, which means an
>> attacker can make a close guess at when a session was started (within
>> a minute or so), and they can then brute-force guess the session ID.
>
>On Linux and BSD at least, wouldn't it be possible to read some random
>bytes from /dev/random or /dev/urandom each time a session key was
>required? My understanding is that these devices collect random bytes
>from noise on the system bus or somesuch. It is the diesel engines which
>make buses noisy, isn't it?

Yep - and Albatross already does this on systems that have /dev/urandom
(BTW, Solaris has an optional user-mode emulation of /dev/urandom):
this is why I didn't see the name-space clashes in my testing.

Kernel /dev/random drivers collect entropy from as many external sources
as they can find (interrupts, network timings, mouse and keyboard,
and block I/O timings). 

In Linux, at least, this is then fed through an SHA hash to ensure
an attacker can't derive any information about the internal state of
the entropy pool. /dev/random blocks when the entropy pool is exhausted,
whereas /dev/urandom doesn't (essentially becoming a pseudo-random number
generator, albeit a cryptographically secure one).

-- 
Andrew McNamara, Senior Developer, Object Craft
http://www.object-craft.com.au/
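The contrast discussed in this thread, as an added example that is not part of the original post or of Albatross itself: a session-ID generator built on the `random` module seeded from the clock (the pattern the first message worries about) next to one that draws from the kernel's entropy pool via `os.urandom`, plus an explicit read of `/dev/urandom` with a fallback for systems that lack the device. The function names, the 16-byte ID length and the helper `is_reproducible` are assumptions made for this illustration.

```python
import os
import random
import secrets
import time
from typing import Optional

# Assumed ID size for this example: 16 bytes = 128 bits of entropy, rendered as 32 hex chars.
SESSION_ID_BYTES = 16


def weak_session_id(seed: Optional[float] = None) -> str:
    """The pattern of concern (constructed, not Albatross's code): a Mersenne
    Twister instance seeded from the wall clock. Anyone who knows roughly when
    the session started knows roughly what the seed was, and the same seed
    always yields the same ID."""
    rng = random.Random(seed if seed is not None else time.time())
    return "".join("%02x" % rng.randrange(256) for _ in range(SESSION_ID_BYTES))


def is_reproducible(seed: float) -> bool:
    """Demonstrates the weakness: two generators given the same clock value
    produce the same session ID."""
    return weak_session_id(seed) == weak_session_id(seed)


def secure_session_id() -> str:
    """Draws the ID from the kernel CSPRNG (the pool behind /dev/urandom on
    Linux/BSD). os.urandom is suitable for cryptographic use on every platform
    where it is available, so no clock-derived seed is ever involved."""
    return os.urandom(SESSION_ID_BYTES).hex()


def read_dev_urandom(n: int) -> bytes:
    """Explicit read of /dev/urandom, for the case the post describes where a
    system has the device; falls back to os.urandom where it does not exist
    (e.g. a platform without the optional emulation mentioned for Solaris)."""
    try:
        with open("/dev/urandom", "rb") as f:
            data = f.read(n)
    except OSError:
        return os.urandom(n)
    # A short read would silently weaken the ID; treat it as a failure too.
    return data if len(data) == n else os.urandom(n)


def session_id_from_device() -> str:
    """Same guarantee as secure_session_id, built on the explicit device read."""
    return read_dev_urandom(SESSION_ID_BYTES).hex()


def looks_like_valid_id(session_id: str) -> bool:
    """Cheap server-side sanity check on an ID presented by a client:
    correct length and hex alphabet only."""
    if len(session_id) != SESSION_ID_BYTES * 2:
        return False
    try:
        bytes.fromhex(session_id)
    except ValueError:
        return False
    return True


def ids_match(presented: str, stored: str) -> bool:
    """Compare a presented ID against the stored one in constant time, so the
    comparison itself does not leak how many leading characters were right."""
    return secrets.compare_digest(presented, stored)


if __name__ == "__main__":
    print("weak, seed=1.0 twice:", weak_session_id(1.0), weak_session_id(1.0))
    print("secure:", secure_session_id())
    print("from device:", session_id_from_device())
```

`is_reproducible` is the whole point of the first message: a clock seed narrows the search space to however many clock ticks fall in the guessed start window, whereas the `os.urandom`-based generator gives the attacker nothing to narrow. The two secure generators are equivalent; the explicit device read is shown only because the thread talks in terms of the device file.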


