Bugtraq mailing list archives

Re: Comments re ISC's announcement on bind9 security


From: Henrik Langos <hlangos-bugtraq () innominate com>
Date: Thu, 1 Nov 2007 13:17:40 +0100

Dear Shane,

I have no deep insight into the development of bind8/9, nor do I follow
their security track record closely enough to judge any of your points
regarding its security.

I beg to differ on a point of terminology though. 

On Wed, Oct 31, 2007 at 02:44:35PM +0100, Shane Kerr wrote:

> My own take on it is that "crypto" implies that
> information is hidden in some way.

The "information hidden in some way" is the next sequence number. Since
you are using a PRNG in an open source application, there is no secret in
the algorithm but only in the inner state of your PRNG, which is determined
from its initial state and the number of rounds it has been going 
for. (simplifying a bit here)

If the claim is true that the next sequence number generated by the PRNG
of bind9 can be guessed after seeing about a dozen of them, then the
"hidden information" is revealed to an attacker.

This to me seems to validate usage of the term "weak crypto".

> Not all security-related technology is
> cryptography. For instance, putting per-user limits on resources prevents
> certain kinds of denial-of-service attacks, but it is certainly not "crypto".
>
> Because a lot of techniques in cryptography require good random numbers, it has
> been widely studied by cryptographers. Therefore if you want a good
> pseudo-random number generator, it is probably a good idea to see what the state
> of the art in the cryptography field is. But random number generation is not
> "crypto" any more than using a series of bit shift and XOR operations is crypto.

You are right about the fact that not all security-related technology is
cryptography. And you would even be right if you had said that not all
random number generation is cryptography. 

If I had a device that generated true random numbers, I wouldn't call that device 
a "crypto" device. But _pseudo_ random number generators used for _security purposes_ 
(and the sequence number is a security mechanism, right?) decidedly are crypto.

Best regards
-h.langos

-- 
Speaking for myself and myself only.
<Insert your favourite disclaimer here>

