Random Numbers: Too Important to be Left to Chance (and a $600 6Ghz spectrum analyzer)

Yes, I did pick this link because the headline was too awesome not to.

In a nutshell, some recent versions of NetBSD (predating January of this year) have a problem in the PRNG that compromises SSH and SSL keys. Upgrade, etc. And always make sure you have equally secure and comprehensive lines of defense that aren’t conventional crypto: defense in depth for the win!

For the TSCM crowd and assorted paranoids… this is AWESOME. A 1Mhz-6Ghz spectrum analzyer, the size of a USB stick, for $600:

Sadly it’s capped at 6Ghz and only gets you down to -100dB or so, so it’s not going to help you with the exotic stuff. And UWB/etc takes different gear entirely.


“The brains behind NetBSD have warned a bug in the open-source OS creates weak cryptographic keys that can be cracked by attackers. Users attempting to secure sensitive communications, such as SSH terminal connections, using the dodgy keys could be easily snooped on and decrypted.

The use of a cryptographically flawed pseudo random-number generator in NetBSD 6.0 means that potentially predictable keys were generated. Versions of NetBSD-current older than 26 January 2013 are affected. NetBSD 5.1 and 5.2 do not suffer from the bug, which is due to be fixed in NetBSD 6.1. Until then users need to update their kernels to builds created after 26 January.

Many types of cryptographic keys (including SSH and SSL session keys) generated on affected systems may be weak. A sizeof() blunder introduced data that wasn’t sufficiently random for cryptography.

Sys admins are advised to generate new keys after updating the NetBSD kernel software, as explained in an advisory from the NetBSD Foundation.

“For systems newly set up with NetBSD 6, all SSH host keys are suspect,” the advisory explains. “Other persistent cryptographic secrets (for example, SSH or SSL keys of any type) generated using /dev/urandom on NetBSD 6 systems which may have had insufficient entropy at key generation time may be impacted and should be regenerated.”

The first version of the advisory was published late last month prior to publication of an update with a stronger warning that caught the eye of crypto experts such as Ivan Ristic, an open-source advocate who runs the SSL Labs service.”

%d bloggers like this: