[Full-disclosure] Re: SecureW2 TLS security problem
- To: full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: [Full-disclosure] Re: SecureW2 TLS security problem
- From: "Dave Korn" <davek_throwaway@xxxxxxxxxxx>
- Date: Fri, 23 Sep 2005 14:05:54 +0100
----Original Message----
>From: Simon Josefsson
>Message-Id: ilumzm4qefr.fsf@xxxxxxxxxxxxxxxxxxx
> Hi everyone! I was looking at the code for a TLS implementation, an
> open source implementation "SecureW2" by Alfa & Ariss, see:
>
> http://www.securew2.com/uk/index.htm
>
> I found that it uses weak random numbers when generating the
> pre-master-secret. The code is in "./Components/Common/release
> 3/version 0/source/CommonTLS.c" and quoted below.
>
> It appears to be using the weak srand/rand functions seeded by the
> milliseconds field from the system clock. That doesn't provide you
> with 48 bytes of strong randomness, you are lucky to get even a few
> bytes.
I'm not impressed by the modulo 255 operation either!
> //
> // Random bytes
> //
> for( i=2; i < TLS_PMS_SIZE; i++ )
>     pbPMS[i] = ( BYTE ) ( rand() % 255 );
Both that and the use of rand are indicators of serious lack of
programming skill/experience.
cheers,
DaveK
--
Can't think of a witty .sigline today....
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
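
Added example, not part of the original messages or of the SecureW2 source: it measures the two weaknesses raised in the thread and shows a CSPRNG-based replacement. It assumes srand() is seeded with the clock's 0..999 millisecond value (the seeding call is not quoted above); the function names, the version bytes and the use of /dev/urandom are illustrative (on Windows the equivalent source is CryptGenRandom).

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define TLS_PMS_SIZE 48 /* 2 version bytes + 46 "random" bytes */
#define MS_VALUES 1000  /* assumption: seed is the clock's 0..999 ms field */

/* Loop from the quoted code; seeding with a millisecond value is assumed. */
void weak_pms(unsigned ms, unsigned char *pms)
{
    int i;
    srand(ms);
    pms[0] = 3; pms[1] = 1; /* constructed version bytes */
    for (i = 2; i < TLS_PMS_SIZE; i++)
        pms[i] = (unsigned char)(rand() % 255);
}

static int cmp_pms(const void *a, const void *b) { return memcmp(a, b, TLS_PMS_SIZE); }

/* One secret per possible seed: returns the number of distinct secrets and
   counts in *ff_seen the 0xFF bytes produced (rand() % 255 never yields 255). */
int weak_pms_distinct(int *ff_seen)
{
    static unsigned char all[MS_VALUES][TLS_PMS_SIZE];
    int s, i, distinct = 1;
    for (*ff_seen = 0, s = 0; s < MS_VALUES; s++) {
        weak_pms((unsigned)s, all[s]);
        for (i = 2; i < TLS_PMS_SIZE; i++)
            *ff_seen += (all[s][i] == 0xFF);
    }
    qsort(all, MS_VALUES, TLS_PMS_SIZE, cmp_pms);
    for (s = 1; s < MS_VALUES; s++)
        distinct += (memcmp(all[s - 1], all[s], TLS_PMS_SIZE) != 0);
    return distinct;
}

/* Fix: fill the 46 bytes from the OS CSPRNG (POSIX /dev/urandom here). */
int strong_pms(unsigned char *pms)
{
    FILE *f = fopen("/dev/urandom", "rb");
    size_t n = 0;
    pms[0] = 3; pms[1] = 1;
    if (f) { n = fread(pms + 2, 1, TLS_PMS_SIZE - 2, f); fclose(f); }
    return n == TLS_PMS_SIZE - 2 ? 0 : -1;
}

int main(void)
{
    int ff, d = weak_pms_distinct(&ff);
    printf("distinct secrets: %d (a uniform source allows 2^368), 0xFF bytes: %d\n", d, ff);
    return 0;
}
```

Under the stated seeding assumption the secret can take at most 1000 values, roughly 10 bits of entropy instead of 368, and the modulo removes 0xFF from every byte on top of that.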