Re: [Full-disclosure] how i stopped worrying and loved the backdoor
Dan just released DakaRand
  http://dankaminsky.com/2012/08/15/dakarand/
src
  http://s3.amazonaws.com/dmk/dakarand-1.0.tgz

while admitting that
  Matt Blaze has essentially disowned this approach, and seems to be honestly horrified that I’m revisiting it
and
  Let me be the first to say, I don’t know that this works.

this mode would greatly reduce, maybe eliminate the incidence of key duplication in large sample sets (e.g. visibly poor entropy for key generation)

the weak keys[0] authors clearly posit that they have detected merely the most obvious and readily accessible poor keys, and that further attacks against generator state could yield even more vulnerable pairs...

you have been warned :P

the solution is adding hw entropy[1][2] to the mix. anything less is doing it wrong!

if you don't have hw entropy, adding dakarand is better than not.

0. Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices - Extended
   https://factorable.net/weakkeys12.extended.pdf
1. Intel RNG
   http://lists.randombit.net/pipermail/cryptography/2012-June/002995.html
   see also by thread: http://lists.randombit.net/pipermail/cryptography/2012-June/thread.html#2995
2. xstore
   http://www.via.com.tw/en/downloads/whitepapers/initiatives/padlock/rng_prog_guide.pdf
X. LD 50 radiation exposure of the common pigeon. entropy via carrier pigeon (DRAFT) ;P

P.P.S: if you're not passing valid hw entropy into VM guests, you're also doing it wrong. even enough passed at boot is sufficient, provided key generation is secure. always a million caveats... and adding dakarand to guests is better than not.

On Wed, Jul 18, 2012 at 12:35 PM, coderman coder...@gmail.com wrote:
On Fri, Dec 24, 2010 at 5:08 PM, Dan Kaminsky d...@doxpara.com wrote:
... Don't we have hardware RNG in most motherboard chipsets nowadays?

clearly not enough of them!

'Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices'
https://factorable.net/weakkeys12.extended.pdf

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
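
Added example, not part of the original thread and not code from DakaRand or the weak keys paper: a fleet-side check for the two symptoms of poor key-generation entropy discussed above, identical RSA moduli on different hosts and distinct moduli that share a prime. The host names and the toy moduli are constructed for illustration; real input would be the moduli from certificates and SSH host keys of devices you operate.

```python
from itertools import combinations
from math import gcd

# Constructed sample inventory: toy moduli built from small primes so the
# example runs instantly. These are not real keys.
INVENTORY = {
    "router-a": 1009 * 2003,
    "router-b": 1009 * 3001,   # shares the prime 1009 with router-a
    "switch-c": 4001 * 5003,
    "switch-d": 4001 * 5003,   # identical key to switch-c
    "server-e": 6007 * 7001,   # independent key
}


def audit_moduli(inventory):
    """Return (duplicates, shared) as lists of host-name pairs.

    duplicates: pairs whose moduli are identical (same key on two hosts).
    shared:     pairs whose moduli differ but have a common factor > 1,
                i.e. both keys were generated from one repeated prime.
    """
    duplicates, shared = [], []
    for (h1, n1), (h2, n2) in combinations(sorted(inventory.items()), 2):
        if n1 == n2:
            duplicates.append((h1, h2))
        elif gcd(n1, n2) != 1:
            shared.append((h1, h2))
    return duplicates, shared


def hosts_to_rekey(inventory):
    """Every host named in a finding needs a fresh key from a seeded RNG."""
    duplicates, shared = audit_moduli(inventory)
    return sorted({host for pair in duplicates + shared for host in pair})


if __name__ == "__main__":
    dups, shared = audit_moduli(INVENTORY)
    print("identical keys:", dups)
    print("shared prime  :", shared)
    print("re-key        :", hosts_to_rekey(INVENTORY))
```

The pairwise loop is quadratic in the number of keys, which is fine for a single organisation's inventory. A clean result only rules out these two visible symptoms; it does not show the generator was well seeded.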
Re: [Full-disclosure] debugfs exploit for a number of Android devices
On Wed, Aug 15, 2012 at 6:10 AM, Dan Rosenberg dan.j.rosenb...@gmail.com wrote:
... So many things wrong here. What's actually happening is these devices have a line in their /init.rc scripts, which are run at boot as root by the init process,...

some of my favorite stories start this way! ;P
Re: [Full-disclosure] how i stopped worrying and loved the backdoor
Yeah, turns out RNG's *aren't* on most motherboards. Thus, DakaRand.

The biggest surprise of this entire adventure is that DakaRand seems to work inside of VM's too. Didn't expect that at all. But then, I think it's going to take some time to analyze what's going on here.

On Sat, Aug 18, 2012 at 4:00 PM, coderman coder...@gmail.com wrote:

Dan just released DakaRand
  http://dankaminsky.com/2012/08/15/dakarand/
src
  http://s3.amazonaws.com/dmk/dakarand-1.0.tgz

while admitting that
  Matt Blaze has essentially disowned this approach, and seems to be honestly horrified that I’m revisiting it
and
  Let me be the first to say, I don’t know that this works.

this mode would greatly reduce, maybe eliminate the incidence of key duplication in large sample sets (e.g. visibly poor entropy for key generation)

the weak keys[0] authors clearly posit that they have detected merely the most obvious and readily accessible poor keys, and that further attacks against generator state could yield even more vulnerable pairs...

you have been warned :P

the solution is adding hw entropy[1][2] to the mix. anything less is doing it wrong!

if you don't have hw entropy, adding dakarand is better than not.

0. Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices - Extended
   https://factorable.net/weakkeys12.extended.pdf
1. Intel RNG
   http://lists.randombit.net/pipermail/cryptography/2012-June/002995.html
   see also by thread: http://lists.randombit.net/pipermail/cryptography/2012-June/thread.html#2995
2. xstore
   http://www.via.com.tw/en/downloads/whitepapers/initiatives/padlock/rng_prog_guide.pdf
X. LD 50 radiation exposure of the common pigeon. entropy via carrier pigeon (DRAFT) ;P

P.P.S: if you're not passing valid hw entropy into VM guests, you're also doing it wrong. even enough passed at boot is sufficient, provided key generation is secure. always a million caveats... and adding dakarand to guests is better than not.

On Wed, Jul 18, 2012 at 12:35 PM, coderman coder...@gmail.com wrote:
On Fri, Dec 24, 2010 at 5:08 PM, Dan Kaminsky d...@doxpara.com wrote:
... Don't we have hardware RNG in most motherboard chipsets nowadays?

clearly not enough of them!

'Mining Your Ps and Qs: Detection of Widespread Weak Keys in Network Devices'
https://factorable.net/weakkeys12.extended.pdf