- Xref: sparky sci.crypt:6356 alt.security.pgp:452
- Path: sparky!uunet!cis.ohio-state.edu!zaphod.mps.ohio-state.edu!caen!spool.mu.edu!enterpoop.mit.edu!eru.mt.luth.se!kth.se!news.kth.se!juha
- From: juha@elixir.e.kth.se (Juha Sarlin)
- Newsgroups: sci.crypt,alt.security.pgp
- Subject: PGP 2.1 doesn't use first byte of IDEA random key?
- Message-ID: <JUHA.93Jan4174657@elixir.elixir.e.kth.se>
- Date: 4 Jan 93 16:46:57 GMT
- Sender: usenet@kth.se (Usenet)
- Organization: School of EE, Royal Institute of Technology, Sweden
- Lines: 43
- Nntp-Posting-Host: elixir.e.kth.se
-
- The function strong_pseudorandom() uses a key and a seed from the
- randseed.bin file to generate pseudo-random numbers. For some reason
- the first byte of the key is not initialized or modified, although I
- think that it is used in key generation. Perhaps the author hoped to
- get random data in the buffers because they are on the stack? On my
- system the first byte seems to always be zero.
-
- Here is a patch to handle the first byte in the same way as all the
- others:
-
- *** 1.1 1992/12/27 15:37:03
- --- crypto.c 1993/01/04 15:24:41
- ***************
- *** 327,329 ****
- randaccum(8*(sizeof(key)+sizeof(seed)));
- ! for (i=1; i<sizeof(key); i++)
- key[i] ^= randombyte();
- --- 327,329 ----
- randaccum(8*(sizeof(key)+sizeof(seed)));
- ! for (i=0; i<sizeof(key); i++)
- key[i] ^= randombyte();
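- Review bot: the original loop at 327-329 starts at i=1, so key[0] is never XORed with randombyte(); starting at i=0 is the right fix. One thing to check before relying on it: the loop mixes entropy in with `^=`, which assumes key[] already holds defined contents. If key[] is never initialized before this point (as the post suggests), the patched loop still reads uninitialized stack memory, which is undefined behaviour in C; an explicit `memset(key, 0, sizeof(key));` ahead of the loop would make the XOR well-defined without changing what randombyte() contributes.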
- ***************
- *** 360,362 ****
- /* now cover up evidence of what user got */
- ! for (i=1; i<sizeof(key); i++)
- key[i] ^= idearand() ^ randombyte();
- --- 360,362 ----
- /* now cover up evidence of what user got */
- ! for (i=0; i<sizeof(key); i++)
- key[i] ^= idearand() ^ randombyte();
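- Review bot: same off-by-one in the scrub at 360-362: with i=1 the first key byte was never overwritten after use, so a copy of it stayed behind in the stack frame. With i=0 the wipe bound now matches the fill bound of the first hunk, and that invariant is worth stating next to `/* now cover up evidence of what user got */` so the two loops are not patched independently again. Note also that the scrub spends one randombyte() per key byte just to overwrite; if that is not deliberate, `key[i] ^= idearand();` alone (or a plain zero fill) covers the evidence without consuming randombyte() output.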
- ***************
- *** 396,399 ****
- count=0;
- ! while (++count <= IDEAKEYSIZE)
- ! key[count] = randombyte();
-
- --- 396,399 ----
- count=0;
- ! while (count < IDEAKEYSIZE)
- ! key[count++] = randombyte();
-
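- Review bot: the old loop at 396-399 (`while (++count <= IDEAKEYSIZE) key[count] = randombyte();`) never writes key[0] and does write key[IDEAKEYSIZE]; if key is declared with IDEAKEYSIZE bytes, that is a one-byte write past the end of the array on top of the unfilled first byte. The replacement covers exactly key[0..IDEAKEYSIZE-1], which is correct. A for loop would make the bound self-documenting and fold the preceding `count=0;` line in: `for (count = 0; count < IDEAKEYSIZE; count++) key[count] = randombyte();`.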
- --
- Juha Sarlin juha@elixir.e.kth.se or juha@tds.kth.se
-
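- The following is an added example written for this page, not code from PGP or from the poster. It reproduces the write pattern of the two loop shapes in the third hunk with a deterministic stand-in for randombyte() (a counter, constructed so its output is distinguishable from a sentinel byte), assumes IDEAKEYSIZE is 16 bytes, and runs each loop over a key-sized buffer with one extra canary byte so that the original loop's out-of-range write can be observed without the example itself going out of bounds. The three check functions report whether key[0] was filled, whether the canary was clobbered, and how many of the IDEAKEYSIZE key bytes were actually written.

```c
#include <stdio.h>
#include <string.h>

#define IDEAKEYSIZE 16        /* assumed: IDEA key length in bytes */
#define SENTINEL    0xAAu     /* marks bytes a fill loop never touched */

typedef void (*fill_fn)(unsigned char *key);

/* Constructed stand-in for PGP's randombyte(): returns 0x10, 0x11, ...
 * so every byte it yields differs from SENTINEL. Not an entropy source;
 * it only makes the loops' write pattern observable and repeatable. */
static unsigned counter = 0;
static unsigned char randombyte(void)
{
    return (unsigned char)(0x10 + (counter++ & 0x0F));
}

/* Loop shape PGP 2.1 used, as quoted in the post: pre-increment with <=
 * visits indices 1..IDEAKEYSIZE, so key[0] is skipped and one byte past
 * the key is written. Callers here pass IDEAKEYSIZE+1 bytes so the
 * demonstration stays in bounds; the extra byte acts as a canary. */
void fill_key_original(unsigned char *key)
{
    int count = 0;
    while (++count <= IDEAKEYSIZE)
        key[count] = randombyte();
}

/* Patched loop: post-increment with < visits exactly 0..IDEAKEYSIZE-1. */
void fill_key_patched(unsigned char *key)
{
    int count = 0;
    while (count < IDEAKEYSIZE)
        key[count++] = randombyte();
}

/* Fill a key-sized buffer plus its canary with SENTINEL, reset the
 * stand-in generator, then run the given fill loop over it. */
static void run_fill(fill_fn fill, unsigned char *buf)
{
    memset(buf, SENTINEL, IDEAKEYSIZE + 1);
    counter = 0;
    fill(buf);
}

/* 1 if the loop wrote key[0], 0 if it left the sentinel in place. */
int writes_first_byte(fill_fn fill)
{
    unsigned char buf[IDEAKEYSIZE + 1];
    run_fill(fill, buf);
    return buf[0] != SENTINEL;
}

/* 1 if the loop overwrote the canary at key[IDEAKEYSIZE]. */
int writes_past_end(fill_fn fill)
{
    unsigned char buf[IDEAKEYSIZE + 1];
    run_fill(fill, buf);
    return buf[IDEAKEYSIZE] != SENTINEL;
}

/* Number of the IDEAKEYSIZE key bytes the loop actually filled. */
int key_bytes_filled(fill_fn fill)
{
    unsigned char buf[IDEAKEYSIZE + 1];
    int i, n = 0;
    run_fill(fill, buf);
    for (i = 0; i < IDEAKEYSIZE; i++)
        if (buf[i] != SENTINEL)
            n++;
    return n;
}

int main(void)
{
    printf("original: key[0] written=%d, past end=%d, filled=%d/%d\n",
           writes_first_byte(fill_key_original),
           writes_past_end(fill_key_original),
           key_bytes_filled(fill_key_original), IDEAKEYSIZE);
    printf("patched:  key[0] written=%d, past end=%d, filled=%d/%d\n",
           writes_first_byte(fill_key_patched),
           writes_past_end(fill_key_patched),
           key_bytes_filled(fill_key_patched), IDEAKEYSIZE);
    return 0;
}
```

- Build with any C compiler and run: the original loop reports key[0] unwritten, the canary clobbered and 15 of 16 bytes filled; the patched loop reports 16 of 16 with the canary intact. A key byte that is never filled is a constant, so a 128-bit IDEA key produced this way carries at most 120 bits of entropy; a sentinel-and-canary check of this kind belongs in the test suite of any key-fill routine, since a review of the loop bound alone missed it here in three places.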