Bugtraq mailing list archives
Re: VNC authentication weakness
From: Mike Porter <mike () UDel Edu>
Date: Tue, 30 Jul 2002 12:25:37 -0400 (EDT)
To be more specific, there are two things you need in a challenge value: uniqueness and unpredictability. Lack of uniqueness allows an attacker to replay a past response to a future challenge. Predictability allows an attacker to pre-fetch a correct future response from one of the parties. A counter provides perfect uniqueness (up to its maximum range) but easy predictability. A physical random source provides great unpredictability
A counter is acceptable if it and a value from the entropy pool are run through MD5 or SHA1. The "seed" or current state of the entropy pool must of course be kept in a secure fashion and not revealed. You must not ever re-issue a challenge, etc. The counter must be used properly and not allowed to wrap without some sort of reseeding operation. Otherwise, you will violate the previous condition. I have hardly covered all the points. A good paper seems to be: http://www.counterpane.com/yarrow.html. Mike
Current thread:
- Re: VNC authentication weakness, (continued)
- Re: VNC authentication weakness Constantin Kaplinsky (Jul 26)
- Re: VNC authentication weakness Andreas Beck (Jul 25)
- Re: VNC authentication weakness David Wagner (Jul 25)
- Re: VNC authentication weakness Mitch Adair (Jul 26)
- Re: VNC authentication weakness Jose Nazario (Jul 26)
- Re: VNC authentication weakness Ariel Waissbein (Jul 27)
- Re: VNC authentication weakness David Wagner (Jul 25)
- Re: VNC authentication weakness Theo de Raadt (Jul 29)
- Re: VNC authentication weakness Nate Lawson (Jul 29)
- Re: VNC authentication weakness Mike Porter (Jul 30)
- Re: VNC authentication weakness David Malone (Jul 30)