|
Home > Archive > Anonymous Servers > November 2004 > Random numbers in Reliable (Was: Eight-hour latencies? How come?)
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Random numbers in Reliable (Was: Eight-hour latencies? How come?)
|
|
| Thomas J. Boschloo 2004-11-21, 7:45 am |
| -----BEGIN PGP SIGNED MESSAGE-----
Thomas J. Boschloo wrote:
| Thanks for the clarification. I was under the assumption that Reliable
| 'outsourced' its mixmaster traffic to the mixmaster executable.. I was
| wrong.
|
| OTOH, this can be very worrying to users of reliable as I have seen code
| (posted by Richard some years ago) that Reliable used the standard
| Visual Basic RNG for ESub instead of sound cryptographically strong
| random functions! I wouldn't trust RProcess of doing sound cryptography
| from what limited code I have seen from him.. If the seed of the VB
| rand() function is known, an attacker could perhaps predict the order in
| which messages leave the remailer <scarry thought>.
Since I wrote this, I have had some more time to think about it. Since
the ESub function in Reliable uses Visual Basic's standard (non-crypto)
random function, an attacker can, by sending an ESub message, get the 64
bits that are randomized and search for the seed which results in these
64 bits to get selected.
This seems very bad to me. It is worse than using random functions on
its own since the attacker can see the output of the rand() function.
How should this be solved then? My guess is that all uses of the rand()
function in Reliable should be replaced by its secure counterparts. I am
sure someone with good knowledge of Visual Basic could access the
cryptographically sound random functions in Windows that perhaps,
RProcess didn't have access to at the time...
| | You do understand that Reliable latency is a random time between a
| | Minimum and Maximum latency configured by the operator.
|
| That doesn't seem like a good idea to me at all! Even Minimum latency
| seems like a design flaw to me..
Also having spend more time thinking on this, the range of latency that
a message in Reliable will have will be limited between the Min and Max
latency settings set by the operator. A solution would be to set the
Minimum latency to 0 seconds and the Maximum latency to something like
three days.
Highest esteems,
Thomas J.
- --
The Thraddash: "So, what's this? SNORT! An unknown alien species?"
"How wonderful! Someone new to fight!"
Full Game Win/Mac/Linux: <http://sc2.sourceforge.net>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iQB5AwUBQaB0HgEP2l8iXKAJAQELNAMgiiGo0kw8
gfeAAenJVL+EMkolz6d4ZpgJ
lUL+n3paJMgVVFSoOrAxyZHi08j0Fw9IPnwmsAft
TMYyU6G/N2EpvJiPorkNjR7c
XDHQaD5F1lVQbGIjwYkALbEkxCMtZNmVuWXF+w==
=qA7A
-----END PGP SIGNATURE-----
| |
| panta-admin 2004-11-21, 7:45 am |
| -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi !
>How should this be solved then? My guess is that all uses of the rand()
>function in Reliable should be replaced by its secure counterparts. I am
>sure someone with good knowledge of Visual Basic could access the
>cryptographically sound random functions in Windows that perhaps,
>RProcess didn't have access to at the time...
My Reliable mod includes a setting to replace the rand() function with the
secure random number generator from Peter Gutmanns cryptlib.
Due to be released any day now,
Cheers,
panta-admin
-----BEGIN PGP SIGNATURE-----
Version: N/A
iQA/AwUBQaB/ Ix2e88Id2BOOEQI1lgCgyxUcYbWtxKsCzxPUuF3m
/mBJBi8AoPot
sNTRi3q3AeHc79qO6Aqxk54/
=G9jn
-----END PGP SIGNATURE-----
~~~~~~~~~~~~~~~~~~~~~
This message was posted via one or more anonymous remailing services.
The original sender is unknown. Any address shown in the From header
is unverified. You need a valid hashcash token to post to groups other
than alt.test and alt.anonymous.messages. Visit www.panta-rhei.dyndns.org
for abuse and hashcash info.
| |
| Thomas J. Boschloo 2004-11-27, 7:45 am |
| -----BEGIN PGP SIGNED MESSAGE-----
panta-admin wrote:
| Hi !
|
|
|>>How should this be solved then? My guess is that all uses of the rand()
|>>function in Reliable should be replaced by its secure counterparts. I am
|>>sure someone with good knowledge of Visual Basic could access the
|>>cryptographically sound random functions in Windows that perhaps,
|>>RProcess didn't have access to at the time...
|
|
| My Reliable mod includes a setting to replace the rand() function with the
| secure random number generator from Peter Gutmanns cryptlib.
|
| Due to be released any day now,
| Cheers,
| panta-admin
I think you do a commendable job on maintaining Reliable panta-admin,
diversity is good in remailer servers!
Thomas
- --
The Thraddash: "So, what's this? SNORT! An unknown alien species?"
"How wonderful! Someone new to fight!"
Full Game Win/Mac/Linux: <http://sc2.sourceforge.net>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iQB5AwUBQahvQAEP2l8iXKAJAQHBJAMfRi3hkmsE
kbSN7oJJflj2g3sINvQHxM0D
9UA8072u1tAzS/BA75Gd1m/ sKjUCBXjLO8OdAOagiHC1GN21yyGT8U+o9POiZin
I
rNmzz5d/P7ECQMDUjJnpsV87/ofe4AZ9jamctQ==
=dJre
-----END PGP SIGNATURE-----
|
|
|
|
|