On 11/06/2012, at 1:15 PM, Matthew Dawson <[email protected]> wrote:

> On June 10, 2012 09:44:24 PM Florian Rüchel wrote:
>> Hi Frank,
>>
>> I thought about CSRF protection and the general idea already stands. We
>> should now figure out how we want to have it implemented and then I will
>> start working on it.
>>
>> What we need for it would first be a good PRNG (pseudo random number
>> generator). I dug up some code from here:
>> http://forums.thedailywtf.com/forums/t/16453.aspx
>> I looked through it and it seems like a reasonable approach though its
>> fallback is silent and we should think about any kind of user
>> notification or removing the fallback. The important thing here is the
>> seed and this needs to be as random as possible and no microtime or PID
>> stuff will be random enough.
> Hmm ... Well I agree better stronger seeds are good, microtime + PID is
> pretty difficult to guess. Especially if you stick a lockout system on it,
> there is probably enough entropy. I don't think that fallback is a weakness.
> If a user wishes to audit their setup, a page could be created.
>
>> The solution basically tries:
>> - OpenSSL (very good!)
>> - /dev/urandom (nice one as long as the maintainers keep it random,
>> Debian already did screw up, but random enough for our needs, Unix only
>> though)
> As far as I remember, /dev/urandom wasn't broken, but openssl.
> /dev/urandom's only issue is that the entropy is not checked. For better
> random numbers, /dev/random is the place to look. And by itself,
> /dev/urandom is good enough for our needs as it's not a PRNG, it instead uses
> randomness induced by the computer (things like hard drive speeds, which
> deviate based upon the head's location.)
>

In a VM there may be very little entropy available. If /dev/urandom runs out, it just keeps generating weakly pseudorandom stuff --- not good for crypto.
Peter C
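
The source order discussed in this thread (OpenSSL, then /dev/urandom), sketched with the "remove the fallback" option Florian raises, so that a missing source raises an error instead of silently seeding from microtime or the PID. This is an added example, not code from the thread, the linked forum post or ownCloud; the function names and the `csrf_token` session key are hypothetical.

```php
<?php
// Added example; function names and the 'csrf_token' session key are hypothetical.

/** Return $len random bytes from OpenSSL or /dev/urandom; throw if neither works. */
function csrf_random_bytes($len = 32)
{
    // 1. OpenSSL: accept the bytes only when it reports a strong source.
    if (function_exists('openssl_random_pseudo_bytes')) {
        $strong = false;
        $bytes = openssl_random_pseudo_bytes($len, $strong);
        if ($bytes !== false && $strong === true && strlen($bytes) === $len) {
            return $bytes;
        }
    }
    // 2. /dev/urandom (Unix only): loop, because fread() may return short reads.
    if (@is_readable('/dev/urandom') && ($fh = @fopen('/dev/urandom', 'rb')) !== false) {
        $bytes = '';
        while (strlen($bytes) < $len) {
            $chunk = fread($fh, $len - strlen($bytes));
            if ($chunk === false || $chunk === '') {
                break;
            }
            $bytes .= $chunk;
        }
        fclose($fh);
        if (strlen($bytes) === $len) {
            return $bytes;
        }
    }
    // 3. No silent microtime()/getmypid() fallback: fail so the admin sees it.
    throw new RuntimeException('No strong random source available for CSRF tokens');
}

/** Create a token, remember it in the session array, return it for the form. */
function csrf_issue_token(array &$session)
{
    $session['csrf_token'] = bin2hex(csrf_random_bytes(32));
    return $session['csrf_token'];
}

/** Compare the submitted token with the stored one in constant time. */
function csrf_check_token(array $session, $submitted)
{
    if (empty($session['csrf_token']) || !is_string($submitted)) {
        return false;
    }
    return hash_equals($session['csrf_token'], $submitted);
}
```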
