From: Kevin L Prigge <klp@gold.tc.umn.edu>
Date: Sun, 17 Sep 95 22:27:32 PDT
To: iang@CS.Berkeley.EDU (Ian Goldberg)
Subject: Re: Netscape SSL implementation cracked!
In-Reply-To: <199509180441.VAA16683@lagos.CS.Berkeley.EDU>
Message-ID: <305d030d0527002@noc.cis.umn.edu>
MIME-Version: 1.0
Content-Type: text/plain


A little birdie told me that Ian Goldberg said:
> 
> As some of you may recall, a few weeks ago I posted a
> reverse-compilation of the random number generation routine used by
> netscape to choose challenge data and encryption keys.
> 
> Recently, one of my officemates (David Wagner <daw@cs.berkeley.edu>)
> and I (Ian Goldberg <iang@cs.berkeley.edu>) finished the job
> of seeing exactly how the encryption keys are picked.
> 
> What we discovered is that, at least on the systems we checked (Solaris
> and HP-UX), the seed value for the RNG was fairly trivial to guess by
> someone with an account on the machine running netscape (so much so
> that in this situation, it usually takes less than 1 minute to find
> the key), and not too hard for people without accounts, either.

Makes one wonder what the seed is on a Windows implementation...
If it's only the time, you can probably approximate what the
clock is set to within a couple of minutes (if the timezone of the
client is known). 

-- 
Kevin Prigge                        |  Holes in whats left of my reason, 
CIS Consultant                      |  holes in the knees of my blues,
Computer & Information Services     |  odds against me been increasin' 
email: klp@cis.umn.edu              |  but I'll pull through...