URGENT: RNG broken for last 4 months

Ed Maste emaste at freebsd.org
Tue Feb 17 19:39:51 UTC 2015


On 17 February 2015 at 13:15, Ed Maste <emaste at freebsd.org> wrote:
>
> One other point - this only applies to keys generated while running on
> a kernel in that range. If you previously generated keys and then
> upgraded to r273872 or later there's no concern with respect to key
> randomness from this issue.

One further followup: it's been pointed out that a lack of entropy can
leak DSA private key material. See for example:

http://rdist.root.org/2010/11/19/dsa-requirements-for-random-k-value/
https://www.imperialviolet.org/2013/06/15/suddendeathentropy.html

In other words, an existing key does not become less random as a
result of this flaw (which is the point I was trying to make), but
the flaw could cause it to be exposed.
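
The risk described in the message above, seen from the defender's side, as an added example that is not part of the original post: in DSA, r is computed from the nonce k alone, so an RNG that hands out the same k twice shows up as two different signatures under one key with the same r. The toy domain parameters, the private key, the host labels and the record layout are all constructed for illustration.

```python
from collections import defaultdict

# Constructed toy DSA domain parameters (far too small for real use):
# Q divides P - 1, and G = 4 has order Q modulo P.
P, Q, G = 2039, 1019, 4


def sign(x, k, h):
    """Textbook DSA signature over hash value h with private key x, nonce k."""
    r = pow(G, k, P) % Q          # r depends only on k, never on the message
    s = pow(k, -1, Q) * (h + x * r) % Q
    return r, s


def verify(y, h, r, s):
    """Textbook DSA verification against public key y = G^x mod P."""
    if not (0 < r < Q and 0 < s < Q):
        return False
    w = pow(s, -1, Q)
    v = pow(G, h * w % Q, P) * pow(y, r * w % Q, P) % P % Q
    return v == r


def repeated_nonces(records):
    """Return {(key_id, r): [labels]} for every r seen more than once per key.

    records: iterable of (key_id, label, r, s). Two distinct signatures under
    one key that share r mean the same k was used twice.
    """
    seen = defaultdict(set)
    labels = defaultdict(list)
    for key_id, label, r, s in records:
        if s not in seen[(key_id, r)]:   # ignore verbatim duplicate records
            seen[(key_id, r)].add(s)
            labels[(key_id, r)].append(label)
    return {key: v for key, v in labels.items() if len(v) > 1}


def demo():
    """Constructed sample: hostA draws fresh nonces, hostB's RNG is stuck."""
    x = 77                                        # constructed private key
    healthy = [sign(x, k, h) for k, h in [(5, 100), (6, 200), (7, 300)]]
    stuck = [sign(x, 9, h) for h in (100, 200)]   # RNG returned the same k
    records = [("hostA", f"ok{i}", r, s) for i, (r, s) in enumerate(healthy)]
    records += [("hostB", f"bad{i}", r, s) for i, (r, s) in enumerate(stuck)]
    return records
```

The check only catches exact repeats: a nonce that is biased or partly predictable without repeating leaves no duplicate r to find.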

