Security Blog: Linux Security Vulnerabilities Uncovered
May 16, 2006

Linux Security Vulnerabilities Uncovered

Three security experts--Zvi Gutterman (CTO of Safend, a security firm), Benny Pinkas, a member of the Computer Science Department at Haifa University, and Tzachy Reinman, a graduate student in the School of Engineering and Computer Science at Hebrew University of Jerusalem--have discovered several security vulnerabilities in Linux.

The team’s research includes an attack on the Linux random-number generator (LRNG). The LRNG is the key element behind most of the security protocols and tools that are part of Linux, among them PGP, SSL, and disk and email encryption. Using the attack presented by the research team, an adversary attempting to break into a Linux machine may compute previous outputs of the LRNG and use them to access previous confidential communications.

Gutterman, along with Pinkas and Reinman, used dynamic and static reverse engineering to learn the operation of the LRNG. The team was then able to illustrate flaws in the design of the generator and to present measurements of the actual entropy it collects.

"Our result shows that open source is not a synonym for secure design; once the LRNG is broken, we can break any future or previous password on that PC," stated Gutterman. "However, open source benefits security by enabling security audits. As we state in our research paper, we feel that the open source community should have a better policy for security sensitive software components. They shouldn’t be treated as other source elements."

Gutterman, Pinkas, and Reinman will present their research paper entitled "Analysis of the Linux Random Number Generator" at the IEEE Security and Privacy Symposium.

Posted by Jon Erickson at 05:20 PM




 