Entropy Starvation & Weak-Key Bugs
Study the Debian OpenSSL RNG bug and other real randomness failures.
What Is Entropy Starvation?
Entropy starvation occurs when a system lacks sufficient unpredictable input to seed its CSPRNG. This happens on newly booted embedded devices, virtualized servers, or systems with no user input. The RNG output becomes predictable.
The Debian OpenSSL Bug (CVE-2008-0166)
In 2006, a Debian developer removed a line flagged by Valgrind: MD_Update(&m, buf, j). This line was the entropy source. The result: OpenSSL on Debian only seeded with the PID (max 32,768 values). All keys generated 2006-2008 are in a set of 32,768 possibilities.
All lessons in this course
- True Randomness vs Pseudorandomness
- Cryptographically Secure PRNGs
- Entropy Starvation & Weak-Key Bugs
- Generating Keys, Nonces & IVs Safely