GNU bug report logs -
#22202
24.5; SECURITY ISSUE -- Emacs Server vulnerable to random number generator attack on Windows systems
Previous Next
Reported by: Demetri Obenour <demetriobenour <at> gmail.com>
Date: Fri, 18 Dec 2015 10:09:01 UTC
Severity: normal
Tags: security
Found in version 24.5
Done: Eli Zaretskii <eliz <at> gnu.org>
Bug is archived. No further changes may be made.
Full log
View this message in rfc822 format
>> That last patch would still improve matters. The user would have
>> to be publishing the output of their PRNG to begin with in order
>> for the attacker to analyse it and guess the seed. (I don't know
>> how one could do that but that's no proof that it's impossible.)
>
>I don't even understand how that could be possible.
Me either, but that doesn't make it impossible. (There are articles
on the web demonstrating such feats, if you're interested.)
>> What Demetri has just described is what I would do.
>
>Now I'm confused: do what?
As I understand it: Provide a function callable from lisp that returns
a cryptographically secure sequence of random bytes, of a specified
length. Use that function to generate the server secret.
>We still need to support 'random' with an
>argument, so we cannot get rid of seeding a PRNG with a known value.
>And I didn't want to remove srandom.
Given the above, we could leave "random", etc., as they are, or we
could use a better PRNG and/or seed with system entropy. It would
no longer be tied up with this issue report.
This bug report was last modified 9 years and 180 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.