How badly debian/ubunutu openssl is fscked up?
May 13th, 2008
Executive Summary: BADLY!
At first I want to admit that this test may be silly but is fast and simple
All test were done on my Lenovo Z61p running recent Fedora9 – debian openssl was compiled from source
So, how to test what commenting out one line in openssl code changes?
Let’s generate some random numbers using openssl. Quick, dirty and lame solution:
$ for i in `seq 100000`; do ./openssl rand -base64 40 >> test; done
and now quick check for randomness of this data:
$ wc -l test; cat test | sort| uniq -c | sort | tail
Results:
Fedora openssl:
mag@viper:~$ wc -l test
100000 test
mag@viper:~$ wc -l test; cat test | sort| uniq -c | sort | tail
100000 test
1 ZzvfJF8Sh8s59kU+/hNoK8F4FfbyIoG7qY9NObjd24PwvMzm6CHuzw==
1 ZZVN89z8LONs8nbk49enpEYbm47iZF8bFc0kvFwyEr0MzLuzOiQqQA==
1 zZwbc+wuPBMCdR6gEXjkkaxrFF+Capaw8INv0DPhi8paqcTbvxX86w==
1 ZZx1dP0xMsceZl9ozVeUvQgEP9AmE/56a+CgdIO8kCCDI6DdDTrxeA==
1 zzxnavFvysTxniMWv+a0Rxyu1XtCZ2UZN5pVAB3b5FAtIZx+5EttqA==
1 ZzyKbqW87iekJtK9niDu0FwKnR5ENXnKdKJFcCbNAp2qqEw9yrTn5A==
1 zZZ9K7L4n7qKH5E5GYDaIZLchQvSn7e/g1FPL8SmZF+NW+1i3H3XRw==
1 Zz/z9kwIDywXrxtrTNmWy9gFGGcass9k3g8fe8DTae3lCiAukILUtg==
1 +zZ/ZKKqv5YQagg3HSpp2hLrFSuPIRRg0nDOEwZ2hf935Gk6zS7TFA==
1 zZZwoogf3Ib5Xg9WMnMU/4IP2mbbvXhuecSnofxqscLg1QpA4R6N3g==
Everything looks fine all seeds are unique, now debian openssl:
Debian openssl:
mag@viper:~/tmp/openssl-0.9.8g/apps$ wc -l test
100000 test
mag@viper:~/tmp/openssl-0.9.8g/apps$ wc -l test; cat test | sort| uniq -c | sort | tail
100000 test
4 zYgla7UVURkIGH9Bol2otXKSTYfr/NBIVZa/68FKeidHgbtSAIVNog==
4 zYJLIAIxG8AMtrf6smNMsdZFBADCQPyuZHQTmGFWnJg6PwESLL2e8g==
4 ZyKePqCM93yGcYkNxlHJ0/y7ZOhAEtXJyyi4H6JVzUcRpe+2zhJeZg==
4 zyuCidG1FPJm8Ut4CshJvI5A+g3SDvmFZ4lIN+ESUCA/m8DU1aJ5ww==
4 ZZbFf3M7R0Pl+VPkJD9TJzsqSVbgCxydAJVzS8f752pYfXCyzVNP1g==
4 zzrbuvwbw8XN61Bygi8KEKMUI7qOVZmQmglJYua/Zp7dDFH/Z45mJQ==
4 zztQ5wdvkWiwCIEJpkSvyqkrVgb32UccogSmZwNRlLH7ieIZvXU+/A==
4 zZUGNwhNUFHCdkPnHFYW0ME1+MlFwSo3eb1rLOwjDfL5FyHHqvFQ4g==
4 zZVYlHlCIH4XHveWvvWgES2AwHuhy3aiIQk2JvyE7T3VKdNCWZU9QA==
4 zzZPx/Z5iE29WkCpTVKunmo102m4p3GYHzXZ6B/TRgKSUFkJScGVqA==
Quick interpretation of results – first column is count of repeating seed. So in 100000 tries debian openssl random() generated 4 times same 40 byte string.
This was used for openssh/ssl/etc key generation…
Conclusion: debian openssl was UNABLE to generate random numbers AT ALL!
and nobody noticed :-/
I leave the rest to you, happy regenerating all CA and ssl certificates. I only wonder what if Verisign or other “trusted” company used this for main CA generation.
If you think something is terribly wrong with this test please comment
May 17th, 2008 at 3:29 pm
May 14th, 2008 at 6:12 am
May 14th, 2008 at 2:10 pm
Thanks for the test. I ran it in my Ubuntu 7.10 and my keys are guessable by a 5 year old child.
I can stop to wonder: how this can happen ? Please ban this guy Kurt Roeckx from Debian package maintenance and put him to beta test GUI interfaces. Please this guy must NOT TOUCH CRYPTOGRAPHIC SYTEM CORE/PERVASIVE CODE ANY MORE.
We ( people that support community based distros ) must learn from this: any core /system wide code like this should be peer reviewed by the whole package maintenance team, and rigourous run-time testing should be mandated with a ( do-the test-or-not-commit-anything policy )
July 9th, 2008 at 5:19 pm
Nice blog,i will come back here everyday, greetings
September 6th, 2008 at 9:05 pm
thanks a lot for this nice web site. it would be better with other languages, bur thanks..
December 31st, 2008 at 10:54 pm
[...] everything done using the RNG on Debian or Ubuntu Linux is insecure because the keys are guessable. Everything! Any SSL connection made from such a machine. Any secure certificate signed by such a machine. And [...]
April 18th, 2009 at 9:31 pm
July 24th, 2011 at 12:29 pm
Good morning – good blog post Who knows is there a cheaper SMS message marketing service for stores @ California than 12stores.com? They only cost 9 dollars per 4 weeks which is not much, however l have 2 deliver three more alternatives for my pals.
November 20th, 2011 at 3:20 am
” what’s more, it return with in your thoughts in regards to the morning I ran into my hubby.
December 22nd, 2011 at 3:32 am
Concerning came in order to my final decision your heading inch
January 2nd, 2012 at 6:53 am
heya things that are the websites like myspace web page.
March 13th, 2012 at 11:42 am
I were required to state that I came across your site through Goolge and that i ‘m pleased Used to do. Continue the particular great work plus I may be sure to search for people when We have far more sparetime from the guides. Thanks again!
March 20th, 2012 at 2:28 pm
Great weblog you have here, keep up the good function, enjoy reading your thoughts and would like to follow a person for a long period, i never thought I’d find a excellent site like this one, many websites are so bad that you simply simple just waste your time studying all of them!
March 29th, 2012 at 6:22 pm
Great Website. You should think more about RSS Feeds as a traffic source. They bring me a nice bit of traffic
April 23rd, 2012 at 9:35 am
Hi there, I discovered your blog through Google while searching and your put up appears to be like very interesting for me.
October 22nd, 2012 at 7:07 pm
It might shore up better to ro along with your dealing with postpartum depression without needing paxil in case you are secured regarding it.
November 3rd, 2012 at 4:43 pm
Oh my goodness! a fantastic article dude. Appreciate it However My business is experiencing problem with ur rss . Dont know why Can not join it. Is there anyone acquiring identical rss problem Anyone who knows kindly respond. Thnkx
April 11th, 2013 at 8:09 am
Excellent blog here! Also your site loads up very fast!
What host are you using? Can I get your affiliate link to your host?
I wish my web site loaded up as fast as yours lol
April 19th, 2013 at 4:58 pm
I’m curious to find out what blog system you happen to be working with? I’m having some small security
issues with my latest website and I would like to find something more risk-free.
Do you have any suggestions?
April 27th, 2013 at 11:23 pm
I got this website from my pal who shared with me regarding this site and now this time I am browsing this website and reading
very informative posts at this place.
April 28th, 2013 at 2:16 am
Hello my friend! I wish to say that this article is amazing, nice written and include approximately all significant infos. I would like to see more posts like this.
May 3rd, 2013 at 2:52 pm
Its like you read my mind! You appear to know so much
about this, like you wrote the book in it or something.
I think that you can do with a few pics to drive the message home
a bit, but other than that, this is fantastic blog.
A fantastic read. I will certainly be back.