FS#23856 - SASL should use /dev/urandom instead of /dev/random
Attached to Project: Arch Linux
Opened by Andreas Baumann (andreas_baumann) - Wednesday, 20 April 2011, 15:09 GMT
Last edited by Jan de Groot (JGC) - Wednesday, 03 August 2011, 20:50 GMT
Details
Description: SASL should use /dev/urandom instead of /dev/random
configure --with-devrandom=/dev/urandom
Why do you request the change? As far as I understand this would fix possible latency/timeout problems at the cost of weaker encryption, is this correct? If so, do we know that the weaker encryption is "good enough"? What are other distros doing, what does upstream think about the issue?
/dev/urandom guarantees not to block but can deliver less secure random data. Now
in SASL a random device is used for digest computation (as in CRAM MD5) and other
things. If you program a server doing authentication over SASL, the worst thing
which can possibly happen is that it stops during authentication (imagine sshd
would do that): you are open to DoSAs for login.
If you worry about security: /dev/urandom feeds actually on /dev/random for
its entropy, so in normal situations they are equally safe. If you have a
hardware random number generator and are using for instance rngd, then the
hardware entropy is used to feed /dev/random's entropy pool.
This is a more general discussion I realize and maybe we should look at other
distributions and other packages (not only SASL) and what's the policy on
the usage of random number devices there.
to produce entropy (also a little bit interrupts and disk activity). Now servers
rarely have somebody sitting in the rack moving around mice and doing a lot
of typing.. ;-)
"http://www.mail-archive.com/debian-bugs-closed@lists.debian.org/msg98604.html"
It's about outweighing two evils, which one is in which case the lesser evil.
It sounds to me after reading the discussions that
1) /dev/random must be used when generating long-lasting keys/certificates (ssh-keygen, ++),
2) /dev/urandom must be used for things susceptible to a DoS attack,
3) things that are neither in 1, nor 2, should use /dev/urandom, and
4) things that are both in 1 and 2 are broken and need to be looked into...
Maybe we have a policy on this already that I have not seen?
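
An added example (not part of the thread and not cyrus-sasl code) for the stall discussed above: it reads nonce bytes with `O_NONBLOCK`, so a server learns that the configured device has nothing ready instead of hanging mid-authentication, then builds a CRAM-MD5 style challenge. The function names, the `RAND_WOULD_BLOCK` code and the host name are assumptions made for the illustration.

```c
/* Added example, not cyrus-sasl code; all names here are hypothetical. */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <time.h>
#include <unistd.h>
#define RAND_WOULD_BLOCK (-2)

/* Read exactly n bytes from dev; returns n, RAND_WOULD_BLOCK, or -1. */
long read_random_nonblock(const char *dev, unsigned char *buf, size_t n)
{
    int fd = open(dev, O_RDONLY | O_NONBLOCK);
    if (fd < 0) return -1;
    size_t got = 0;
    long rc = 0;
    while (got < n && rc == 0) {
        ssize_t r = read(fd, buf + got, n - got);
        if (r > 0)
            got += (size_t)r;              /* short read: keep going */
        else if (r < 0 && errno == EINTR)
            continue;                      /* interrupted by a signal: retry */
        else if (r < 0 && (errno == EAGAIN || errno == EWOULDBLOCK))
            rc = RAND_WOULD_BLOCK;         /* a blocking read would stall here */
        else
            rc = -1;                       /* EOF or I/O error */
    }
    close(fd);
    return rc < 0 ? rc : (long)got;
}

/* Build "<hexnonce.timestamp@host>"; returns 0, RAND_WOULD_BLOCK, or -1. */
int make_challenge(const char *dev, const char *host, char *out, size_t len)
{
    unsigned char nonce[16];
    char hex[sizeof nonce * 2 + 1];
    long rc = read_random_nonblock(dev, nonce, sizeof nonce);
    if (rc != (long)sizeof nonce) return rc < 0 ? (int)rc : -1;
    for (size_t i = 0; i < sizeof nonce; i++)
        snprintf(hex + 2 * i, 3, "%02x", nonce[i]);
    int w = snprintf(out, len, "<%s.%ld@%s>", hex, (long)time(NULL), host);
    return (w < 0 || (size_t)w >= len) ? -1 : 0;
}

int main(void)
{
    char c[128];   /* host name below is a constructed sample value */
    if (make_challenge("/dev/urandom", "mail.example.org", c, sizeof c) == 0)
        puts(c);
    return 0;
}
```

A caller that gets `RAND_WOULD_BLOCK` can reject or defer the login attempt with an error instead of leaving the connection hanging.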