Thursday, May 15, 2008

Security through blind faith

Looks like security through obscurity was yesterday, today people tend to prefer security through blind faith as amazingly demonstrated by the Debian/OpenSSL fuckup. So what happened there? Clueless Debian maintainer messed around with code that they didn't understand and tried to fix bugs that weren't there, result was that the random number generator of OpenSSL wasn't all that random any more, in fact, not at all.

The amazing thing about this is how easy it is to detect this missshape, you don't need to know much about crypt or really anything for that matter. All you need to know is that the keys generated by ssh-keygen should be random and thus unique. They however aren't, easily demonstrated with a bit of Shell. Just launch three terminals and start:

First Terminal:
# generate keys
for i in `seq 1 1000000`; do
ssh-keygen -t rsa -N "" -f /tmp/keys/key${i};
done

Second Terminal:
# Check if there are collisions:
while true; do
sleep 30;
clear;
md5sum *.pub | cut -c "1-33" | sort |uniq -c | sort -n | grep -v "^ 1";
done

Third Terminal:
# Launch lots of processes to let the PID overflow
while true; do /bin/echo -n .; done

The third terminal isn't even needed, it will just speed up the process quite a bit, because the PID is the only thing of random left in the key generation process. You can reboot to accomplish the same if you prefer.

This teaches us that even the most trivial things aren't checked when it comes to security. People pack stuff, mess around with it, ship it to millions of users and never once actually check that what they ship actually performs as intended. Its really kind of shocking how easy it is to detect this misshape and how it could go been undetected for so long. There seems to have been a lot of blind faith involved that stuff will 'just work' without ever questioning or checking that it actually does what it was supposed to do.

No comments: