[Bug 2086515] Re: Cryptographically unsafe RNG used for FIT images

Ubuntu Foundations Team Bug Bot 2086515 at bugs.launchpad.net
Sat Nov 2 20:19:16 UTC 2024


The attachment "0001-tools-use-cryptographically-safe-RNG.patch" seems
to be a patch.  If it isn't, please remove the "patch" flag from the
attachment, remove the "patch" tag, and if you are a member of the
~ubuntu-reviewers, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by
~brian-murray, for any issues please contact him.]

** Tags added: patch

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to u-boot in Ubuntu.
https://bugs.launchpad.net/bugs/2086515

Title:
  Cryptographically unsafe RNG used for FIT images

Status in u-boot package in Ubuntu:
  New

Bug description:
  The mkimage tool uses the random() function for generating the
  initialization vector used for AES encryption inside FIT images. As
  the PRNG used for the random() function has only 2^31 states this is
  cryptographically unsafe. See appended patch.

  "The ideal IV is a random or pseudorandom number. It must also be
  nonrepeating. Both randomness and nonrepetitiveness are crucial to
  prevent attackers from finding patterns in similar parts of the
  encrypted message and then using this information to decrypt the
  message. The IV need not be secret." [1]

  [1] https://www.techtarget.com/whatis/definition/initialization-vector-IV

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/u-boot/+bug/2086515/+subscriptions
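
The weakness in the bug description, as an added example (not the attached patch and not u-boot code): an IV built from random() is fully determined by the PRNG seed, while an IV read from the kernel CSPRNG is not. The function names, AES_IV_LEN, and the seed value are assumptions made for illustration; getrandom() assumes Linux with glibc 2.25 or later.

```c
/* Added example, not u-boot code. Function names and AES_IV_LEN are hypothetical. */
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE /* glibc: expose random(), srandom(), getrandom() */
#endif
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/random.h>

#define AES_IV_LEN 16

/* Weak: all 16 bytes are a pure function of the seed given to srandom(). */
void iv_from_random(unsigned int seed, unsigned char iv[AES_IV_LEN])
{
    srandom(seed);
    for (size_t i = 0; i < AES_IV_LEN; i++)
        iv[i] = (unsigned char)(random() & 0xff);
}

/* Hardened: fill the IV from the kernel CSPRNG. Returns 0 on success, -1 on error. */
int iv_from_kernel(unsigned char iv[AES_IV_LEN])
{
    size_t done = 0;
    while (done < AES_IV_LEN) {
        ssize_t n = getrandom(iv + done, AES_IV_LEN - done, 0);
        if (n < 0 && errno == EINTR)
            continue; /* interrupted by a signal, retry */
        if (n < 0)
            return -1;
        done += (size_t)n;
    }
    return 0;
}

/* Returns 1 if reseeding with the same value reproduces the IV bit for bit. */
int weak_iv_repeats(unsigned int seed)
{
    unsigned char a[AES_IV_LEN], b[AES_IV_LEN];
    iv_from_random(seed, a);
    iv_from_random(seed, b);
    return memcmp(a, b, AES_IV_LEN) == 0;
}

int main(void)
{
    unsigned char iv[AES_IV_LEN];
    printf("same seed, same IV: %d; getrandom status: %d\n",
           weak_iv_repeats(1730578756u), iv_from_kernel(iv)); /* constructed seed */
    return 0;
}
```

Because the 128-bit IV from iv_from_random() depends only on the seed, it can take no more distinct values than there are seeds, which is why the IV repeats whenever a seed repeats.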



