#23086: GIMP Captcha uses insecure random number generator
----------------------------------+--------------------------
 Reporter:  cypherpunks           |          Owner:  isis
     Type:  defect                |         Status:  reopened
 Priority:  Medium                |      Milestone:
Component:  Obfuscation/BridgeDB  |        Version:
 Severity:  Normal                |     Resolution:
 Keywords:                        |  Actual Points:
Parent ID:                        |         Points:
 Reviewer:                        |        Sponsor:
----------------------------------+--------------------------
Changes (by cypherpunks):

 * status:  closed => reopened
 * resolution:  not a bug =>


Comment:

 1)
 You don't use /dev/urandom in your captcha generation. You use ordinary
 random. I don't know if GIMP functions internals use CSPRNG, but I think
 they neither do.

 >Almost all module functions depend on the basic function random(), which
 generates a random float uniformly in the semi-open range [0.0, 1.0).
 Python uses the Mersenne Twister as the core generator.

 MT is insecure.

 >2) There's no need for a CSPRNG when randomly munging pixels.

 If the bias in the distribution the captcha parameters is exploitable (it
 is if the PRNG is not secure) there are odds to solve the captcha (with or
 without OCR) non-negligible better than if it was truly random. You are a
 cryptologist, you should understand that.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23086#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Reply via email to