The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests


Avoid writing the deep security layers of your software yourself, as it is hard, even for seasoned security software developers (see CVE-2021-41117 | GitHub Security Lab)

Posted by jpluimers on 2022/09/08

I’ve mentioned this in the past, but not sure I did that on my blog yet, so here it goes:

Avoid writing the deep security layers of your software yourself, as it is hard, even for seasoned security software developers.

Push as much as you can to well-tested external libraries.

See for instance [Wayback/] GHSL-2021-1012: Poor random number generation in keypair – CVE-2021-41117 | GitHub Security Lab

Three things went wrong, leading to easy-to-guess RSA security keys:

  1. The library has an insecure random number fallback path. Ideally the library would require a strong CSPRNG instead of attempting to use a LCG and Math.random.
  2. The library does not correctly use a strong random number generator when run in NodeJS, even though a strong CSPRNG is available.
  3. The fallback path has an issue in the implementation where a majority of the seed data is going to effectively be zero.

The most important thing that went wrong was seeding the random number generator, cascading


