
Honestly I don't know why. I generate 60 bytes of pseudorandom data and that worked on the first try.



My understanding thus far has been that OpenSSL has gotten a pass because their implementation was always broken ... so nobody was at risk.

Has that changed?


No, they plan on removing the PRNG from their release. I understand better why my PoC worked without triggering the bug. From the mail archive: "[...] When the discard occurs the data must not be output and the Dual EC DRBG state must be updated, but that state update isn't done. In the case of no additional input this has no effect, but additional input is used by the "FIPS capable" OpenSSL. Note that additional input does not effectively defeat the backdoor vulnerability[3]."

I do not use the reseed functionality either, because I only generate two or three output blocks and never call an explicit reseed.
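To make the "backdoor vulnerability" and the per-call state updates discussed in this thread concrete, here is an added toy model of Dual EC DRBG. It is not OpenSSL's code and not the NIST parameters: the curve y^2 = x^3 + 7 over the prime 2^31 - 1, the point Q, the trapdoor constant e, the seed and the additional input are all constructed for the example, and only 4 of the 31 x-coordinate bits are truncated per block instead of 16 of 256. The generate loop follows this example's reading of SP 800-90A 10.3.1.4 (t = s XOR adin, then per block s = x(t*P), r = x(s*Q), output the low bits of r, and one extra s = x(s*P) after the loop whose output is discarded). The attacker's advantage is a constant e with P = e*Q, which is the same trapdoor as knowing d with Q = d*P (e = d^-1 mod the group order) but avoids needing the toy curve's order. Because additional input is only XORed in at the start of a generate call, the recovery from two consecutive blocks of one call succeeds whether or not adin was supplied; it is predicting across calls that would require the adin value.

```python
# Added illustration of the Dual EC DRBG structure and its trapdoor.
# Not OpenSSL or NIST code; curve, points, seed and adin are constructed.

P_MOD = 2**31 - 1          # field prime, 3 (mod 4) so sqrt is one pow()
CURVE_B = 7                # toy curve y^2 = x^3 + 7 over GF(P_MOD)
X_BITS = 31
TRUNC_BITS = 4             # bits of x dropped per block (real Dual EC: 16 of 256)
OUT_MASK = (1 << (X_BITS - TRUNC_BITS)) - 1
INF = None                 # point at infinity


def inv(a):
    return pow(a, P_MOD - 2, P_MOD)


def ec_add(p1, p2):
    """Affine short-Weierstrass addition with the point at infinity handled."""
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2:
        if (y1 + y2) % P_MOD == 0:
            return INF
        lam = 3 * x1 * x1 * inv(2 * y1) % P_MOD
    else:
        lam = (y2 - y1) * inv(x2 - x1) % P_MOD
    x3 = (lam * lam - x1 - x2) % P_MOD
    return x3, (lam * (x1 - x3) - y1) % P_MOD


def ec_mul(k, pt):
    """Double-and-add scalar multiplication."""
    acc = INF
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc


def lift_x(x):
    """Return a curve point with this x, or None if x^3 + b is a non-residue."""
    rhs = (x * x * x + CURVE_B) % P_MOD
    y = pow(rhs, (P_MOD + 1) // 4, P_MOD)
    return (x, y) if y * y % P_MOD == rhs else None


def setup(e=0x2545F491):
    """Constructed parameters: Q is the first liftable x >= 2, P = e*Q, e is the trapdoor."""
    x = 2
    while lift_x(x) is None:
        x += 1
    Q = lift_x(x)
    return ec_mul(e, Q), Q, e


class ToyDualEC:
    """Generate as in SP 800-90A 10.3.1.4 (this example's reading of the spec)."""

    def __init__(self, seed, P, Q):
        self.s = seed % P_MOD
        self.P, self.Q = P, Q

    def generate(self, nblocks, adin=0):
        t = self.s ^ adin                  # adin modelled as an already-hashed integer
        out = []
        for _ in range(nblocks):
            self.s = ec_mul(t, self.P)[0]  # s_{i+1} = x(t * P)
            r = ec_mul(self.s, self.Q)[0]  # r = x(s * Q)
            out.append(r & OUT_MASK)       # emit the low bits only
            t = self.s
        self.s = ec_mul(self.s, self.P)[0]  # final update; its output is discarded
        return out


def recover_state(r_trunc, next_r_trunc, Q, e):
    """From one truncated block and the trapdoor e (P = e*Q), find the state
    that produced the following block, brute-forcing the truncated top bits."""
    for top in range(1 << TRUNC_BITS):
        x = (top << (X_BITS - TRUNC_BITS)) | r_trunc
        if x >= P_MOD:
            continue
        R = lift_x(x)                    # R = +/-(s_i * Q); the sign is irrelevant
        if R is None:
            continue
        s_next = ec_mul(e, R)[0]         # e * s_i * Q = s_i * P, whose x is s_{i+1}
        if ec_mul(s_next, Q)[0] & OUT_MASK == next_r_trunc:
            return s_next
    return None


def predict(s_known, P, Q, n):
    """Run the public part of the generator forward from a recovered state."""
    out, s = [], s_known
    for _ in range(n):
        s = ec_mul(s, P)[0]
        out.append(ec_mul(s, Q)[0] & OUT_MASK)
    return out


def demo(seed=0x1D2A7C3B, adin=0x5EEDF00D, nblocks=6):
    """Victim emits nblocks of one call; attacker uses the first two to predict the rest."""
    P, Q, e = setup()
    blocks = ToyDualEC(seed, P, Q).generate(nblocks, adin=adin)
    s_rec = recover_state(blocks[0], blocks[1], Q, e)
    return blocks, predict(s_rec, P, Q, nblocks - 2)


if __name__ == "__main__":
    observed, predicted = demo()
    print("observed :", observed)
    print("predicted:", predicted, "(blocks 3..6 from blocks 1 and 2)")
```

The point to take from the model is the one the thread's last quote makes: the truncation and the additional input are what a defender might hope for, but 16 dropped bits are a 2^16 brute force against a party who knows the relation between P and Q, and adin only perturbs the state at call boundaries.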



