
Re: [RFC] ra_svn::make_nonce: how to cope with entropy shortages?

From: Daniel Shahaf <d.s_at_daniel.shahaf.name>
Date: Thu, 03 Nov 2011 12:53:06 +0200

On Thursday, November 03, 2011 11:42 AM, "Stefan Sperling" <stsp_at_elego.de> wrote:
> On Thu, Nov 03, 2011 at 12:01:58PM +0200, Daniel Shahaf wrote:
> > Something tells me that when a cryptographic protocol calls for random
> > numbers then a quasiconstant or known value wouldn't do instead.
>
> Put more bluntly, if protocol designers bothered with putting a random
> number into their protocol, implementors must assume that designers had
> a good reason for the number to be *random*. Using the current time instead
> of a random number is breaking the protocol implementation.
>
> I mean, seriously, it's not like Debian didn't have a track record
> of breaking security with custom patches. Remember the ssh keys debacle?
> I am amazed to learn such a patch exists in Debian's Subversion packages.
> I think this patch should be pulled from Debian's Subversion packages
> immediately.
>

Yes, in general if you don't know why a random number was used you'd
better not make it any less random. But please don't rush to
conclusions without studying the concrete protocol.
Received on 2011-11-03 11:53:38 CET

This is an archived mail posted to the Subversion Dev mailing list.