
List:       oss-security
Subject:    Re: [oss-security] CVE for crypto_get_random() from libsrtp
From:       Scott Arciszewski <scott () paragonie ! com>
Date:       2015-07-31 13:38:52
Message-ID: CAKws9z2A08ws63uJfh6Z7z+p8WpNuEiQCRMdsMxXKeCT3e1-ow () mail ! gmail ! com

On Fri, Jul 31, 2015 at 8:47 AM, Adam Maris <amaris@redhat.com> wrote:
> Hello,
>
> I've got a question whether this bug
> (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=793971) is CVE-worthy?
> Could it be classified as CWE-330: Use of Insufficiently Random Values?
>
> According to the SRTP documentation
> (http://srtp.sourcearchive.com/documentation/1.4.2.dfsg/group__SRTP_g1d4c228c6a58096dfab3cefbabd66f17.html),
> it provides 80 bits of random data, which is quite borderline.
>
> Thanks.
>
> --
> Adam Maris / Red Hat Product Security
>

I would consider 80 bits insufficient for cryptography, but it's not
really exploitably weak (like, say, rand() would be). Whether or not
it warrants a CVE is obviously at MITRE's discretion.

2^80 is out of reach for most people to brute force in 2015 (maybe
even for intelligence agencies), but 2^100 is generally the lower
bound of acceptable.

Just my $0.02.

Scott Arciszewski
Chief Development Officer
Paragon Initiative Enterprises <https://paragonie.com>