
Re: What's the netscape problem



> The interesting part of this article is the discussion of random seed
> weaknesses on the *server* side.  If true, this means anybody could use
> the random-seed hole to reverse engineer the process by which the
> server's private key information was generated and break that keypair
> with much, much, much less effort than would normally be needed to factor
> a 512-bit RSA key.
> 
> (Note that I'm not entirely sure Netscape's server uses 512 bit RSA keys,
> since the documentation, technical data sheets, and generation process
> don't give any clue about what key size is being used.  Guess they don't
> want customers worrying their pretty little heads about it.)
> 
> This would mean merely getting a fixed server would be insufficient; every
> Netscape server user would need to generate a new keypair, get a new Verisign
> certificate, and revoke the old one.

I think the vulnerability affects mostly the client and only a little the
server. As far as I understand SSL, the client and the server have to
negotiate an encryption key for *each session* by generating some random
bits. It is the generation of this key which brings about the
vulnerability. The session key is only used once per session, and since
normally many sessions are carried out, many rounds of random number
generation are done, which increases the chance of being attacked. Perhaps
the "initial key-pair generation (of public & private keys)" for the
server also uses similar random number generation.  But it is more
difficult to attack this as it is normally done only once for the lifetime
of a server, unless it is so unlucky (lucky?) that the attacker just
happens to "watch" the system at that time of server key-pair generation ... 

--
Ong Guan Sin
Computer Centre, National Univ of Singapore
cceonggs@nus.sg
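The point made in the reply above, that per-session key generation is the exposed step because it runs many times from whatever the seed is, can be illustrated with a small model. The following is an added example and is not code from the thread, from Netscape or from any SSL implementation; the "weak" seeding scheme (a seed assembled from the clock and a process id) and the coarse-clock session simulation are constructed for illustration, and the entropy figures are assumptions about what an observer can bound, not measurements of any real product.

```python
"""
Toy model: a session key derived from a seed built out of observable
quantities (clock, process id) has far less entropy than its length
suggests, and generating it once per session gives a defender a way to
notice that. Added example, not code from the original thread; the
seeding scheme and session simulation are constructed.
"""
import hashlib
import math
import os


def weak_seed(seconds: int, microseconds: int, pid: int) -> int:
    # Constructed "weak" seed: built only from values an observer could
    # bound (wall clock in seconds, sub-second counter, process id).
    return (seconds << 40) | (microseconds << 20) | pid


def derive_session_key(seed: int, nbytes: int = 16) -> bytes:
    # Deterministic expansion of the seed into key bytes. With a weak seed
    # every key bit is a function of a few unknown seed bits, however
    # strong the expansion function is.
    digest = hashlib.sha256(seed.to_bytes(16, "big")).digest()
    return digest[:nbytes]


def strong_session_key(nbytes: int = 16) -> bytes:
    # OS CSPRNG: each session key draws fresh entropy from the kernel.
    return os.urandom(nbytes)


def seed_entropy_bits(unknown_ranges: dict) -> float:
    """Upper bound on seed entropy, given how many values each seed input
    can take from an observer's point of view (assumed ranges; an input the
    observer knows exactly contributes a range of 1, i.e. zero bits)."""
    return sum(math.log2(n) for n in unknown_ranges.values())


def simulate_weak_sessions(n: int) -> list:
    # Constructed scenario: n sessions started within one wall-clock
    # second on a host whose sub-second clock only has 100 distinct
    # values, same process serving every session.
    seconds, pid = 1_000_000, 4242
    return [
        derive_session_key(weak_seed(seconds, (i * 37) % 100, pid))
        for i in range(n)
    ]


def simulate_strong_sessions(n: int) -> list:
    return [strong_session_key() for _ in range(n)]


def keys_repeat(keys: list) -> bool:
    # Cheap defender-side check: two sessions sharing a key means the
    # generator's effective entropy is far below the key length.
    return len(set(keys)) < len(keys)


if __name__ == "__main__":
    # Observer knows the second, not the sub-second counter or the pid.
    bits = seed_entropy_bits({"seconds": 1, "microseconds": 10**6, "pid": 32768})
    print(f"weak seed entropy upper bound: {bits:.1f} bits for a 128-bit key")
    print("weak scheme repeats a key within 200 sessions:",
          keys_repeat(simulate_weak_sessions(200)))
    print("os.urandom repeats a key within 200 sessions:",
          keys_repeat(simulate_strong_sessions(200)))
```

The entropy bound is the quantity that matters: a 128-bit key expanded from roughly 35 unknown seed bits is a 35-bit key in practice, and the repeat check is the simplest observable symptom of that gap, which is why a generator that runs once per session exposes itself far more than a key pair generated once.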


