> I agree, using known data (port numbers, addresses) as "secret" data to
The secret array is composed by known data and unknown data. The first
three words are known (are in function of the tcp fields). The rest is a
random data changed every 300 seconds).
The bug was causing the random data to be known (precisely it was set to
zero all the time).
So actually all the secret array is known for 2.2.x.
This leads to be able to predict the sequence number if we known the
saddr/daddr/sport/dport as we can build the exact input of the
halfMD4Transform. The only remaining variable is the time increase that
with a very fast hardware can be guessed I think.
With the typo-bug fixed, the random part of the secret would be unknown.
So in the bug-free case (aka pre-2.2.13/2.3.18ac8), the attacker can't
know the whole secret, and so IMHO it won't be trivial for him to predict
the output of the md4 transformation in 300 seconds 8).
Andrea
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/