Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Re: Ruining Security with java.util.Random

From: Amit Klein (aksecuritygmail.com)
Date: Tue Dec 19 2006 - 00:21:08 CST

Jan P. Monsch wrote:
> Hi
> In my review practice I often have to look at Java source code which is used
> to generate passwords, authentication tokens or session ids. Ever so often
> this code uses the Java API class java.util.Random to generate random
> numbers. It is well-established in security industry that this particular
> random generator is not secure. Since I did not know what the reason is for
> this perception I started to have a closer look.
> During the review of the Java API source code I discovered two
> vulnerabilities which cause the internal state of java.util.Random to be
> partially exposed or easy guessable. Following paper "Ruining Security with
> java.util.Random" demonstrates two techniques how security mechanisms based
> on java.util.Random can be attacked and under certain conditions can be
> broken within seconds:
> http://www.iplosion.com/papers/ruining_security_with_java.util.random_v1.0.p
> df
FYI: I discussed a particular case of reconstructing the internal PRNG
state from output observation (the Apache JServ session ID weakness -
which is based on the Java Random) in my "Cookie Poisoning" paper of
2002 (http://www.cgisecurity.com/lib/CookiePoisoningByline.pdf, see the
appendix for details).


Sponsored by: Watchfire

Today's hackers exploit web applications to expose, embarrass and even
steal. Firewalls and SSL may be commonplace but recent studies indicate 3
out of 4 websites remain vulnerable to attack. Watchfire's "Addressing
Challenges in Application Security" whitepaper, explains what to do and
provides a guideline to improving your own application security.
Download this whitepaper today!