* 2.4.7: random.c - potential security problem
@ 2001-08-10 5:53 Ulrich Windl
From: Ulrich Windl @ 2001-08-10 5:53 UTC (permalink / raw)
To: linux-kernel
Hi,
maybe some of you find this interesting: Yesterday I was grepping for
some variable in the source tree when I ended up in
drivers/char/random.c. There I noticed that the driver uses wall time
to re-seed the TCP sequence numbers for example. This means that no
re-seeding takes place if the clock is set back a significant amount of
time, e.g. if the CMOS clock failed or was completely off.
I don't know if the problem is severe, but I thought I'd tell you.
Regards,
Ulrich
P.S. Not subscribed to this list
* Re: 2.4.7: random.c - potential security problem
[not found] <20010810070319.10233.qmail@science.horizon.com>
@ 2001-08-10 7:30 ` Ulrich Windl
From: Ulrich Windl @ 2001-08-10 7:30 UTC (permalink / raw)
To: linux; +Cc: linux-kernel
On 10 Aug 2001, at 7:03, linux@horizon.com wrote:
> The test is "if ((t - rekey_time) > REKEY_INTERVAL)", where rekey_time is *unsigned*.
>
> Thus, if t ever drops below rekey_time (large backward time jump), the difference
> will be a large number and it will be rekeyed.
Thanks,
first at school they try to teach you about negative numbers, then with
computers you have to forget about them again. Sorry about the
confusion, I never felt safe with type promotion rules in C.
>
> Setting the time back by a small amount, less than REKEY_INTERVAL, can stretch the time,
> but it's hard to think of a reasonable application where that will happen often enough
> in a row to seriously stretch the rekey interval.
Yes!
Ulrich
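Added example, not part of the original thread or of random.c: a small C model of the quoted test `(t - rekey_time) > REKEY_INTERVAL`, comparing the unsigned subtraction with a hypothetical signed one and measuring how a backward clock jump changes the real time between rekeys. The 32-bit types, the `REKEY_INTERVAL` value of 300 seconds, the timestamps and all helper names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define REKEY_INTERVAL 300u /* assumed value, in seconds; not given in the thread */

/* The quoted test: the subtraction is unsigned, so it wraps modulo 2^32. */
static int rekey_due_unsigned(uint32_t t, uint32_t rekey_time)
{
    return (uint32_t)(t - rekey_time) > REKEY_INTERVAL;
}

/* Hypothetical signed variant, i.e. the behaviour the first mail worried about. */
static int rekey_due_signed(int32_t t, int32_t rekey_time)
{
    return (t - rekey_time) > (int32_t)REKEY_INTERVAL;
}

/*
 * Real seconds between two rekeys when the clock is set back by `setback`
 * seconds, `elapsed` seconds after the first rekey (elapsed <= REKEY_INTERVAL).
 */
static uint32_t real_rekey_gap(uint32_t elapsed, uint32_t setback)
{
    uint32_t rekey_time = 1000000u;              /* constructed timestamp */
    uint32_t t = rekey_time + elapsed - setback; /* clock after the jump */
    uint32_t real = elapsed;

    while (!rekey_due_unsigned(t, rekey_time)) {
        t++;    /* one more second of wall time ... */
        real++; /* ... and of real time */
    }
    return real;
}

int main(void)
{
    printf("no jump:             %u s\n", real_rekey_gap(250, 0));
    printf("back 200 s:          %u s\n", real_rekey_gap(250, 200));
    printf("back 100000 s:       %u s\n", real_rekey_gap(250, 100000));
    printf("signed, back 100000: due=%d\n",
           rekey_due_signed(1000000 + 250 - 100000, 1000000));
    return 0;
}
```

A jump that lands below `rekey_time` makes the unsigned difference huge and forces an immediate rekey, while a 200-second setback that stays above `rekey_time` stretches the gap from 301 to 501 seconds in this model.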