From ossi_briefing_list at oss-institute.org Thu Nov 29 13:31:40 2007
From: ossi_briefing_list at oss-institute.org (Activity Updates for OSSI Members and Sponsors)
Date: Thu, 29 Nov 2007 13:31:40 -0600
Subject: [Ossi_briefing_list] Flaws in the OpenSSL FIPS Object Module v1.1.1
Message-ID: <1196364701.27640.271.camel@bubba.ossi>

Flaws in the OpenSSL FIPS Object Module v1.1.1

A significant flaw in the PRNG implementation for the OpenSSL FIPS Object Module v1.1.1 (certificate #733, http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#733) has been reported by Geoff Lowe of Secure Computing Corporation. Due to a coding error in the FIPS self-test the auto-seeding never takes place. That means that the PRNG key and seed used correspond to the last self-test. The FIPS PRNG gets additional seed data only from date-time information, so the generated random data is far more predictable than it should be, especially for the first few calls (CVE-2007-5502).

Note that this PRNG bug is only present in the v1.1.1 implementation and not in the regular OpenSSL product or in the OpenSSL FIPS Object Module v1.2 now undergoing validation testing. Only those applications using v1.1.1 of the OpenSSL FIPS Object Module which enter FIPS mode are affected. Applications which do not enter FIPS mode or which use any other version of OpenSSL are not affected.

Bugs like this in open source software are routinely found and corrected with a patch and/or updated source distribution. In this case two separate patches have been developed by Dr Stephen Henson (steve at openssl.org):

http://www.openssl.org/news/patch-CVE-2007-5502-1.txt

(the simplest direct fix) and:

http://www.openssl.org/news/patch-CVE-2007-5502-2.txt

(a workaround which avoids touching the PRNG code directly).

However, for FIPS 140-2 validated software no changes are permitted without prior CMVP approval so neither of these patches can be applied to the v1.1.1 distribution for the purposes of producing a validated module. We have supplied the information needed for a "letter change" update request based on the latter of these two patches to the CMT Laboratory for their submission to the CMVP. Once (and if) approved the new distribution containing this patch will be posted as http://openssl.org/source/openssl-fips-1.1.2.tar.gz to replace the current distribution at http://openssl.org/source/openssl-fips-1.1.1.tar.gz.

Note that in addition to this real-world vulnerability there is a separate problem in this same PRNG implementation concerning the FIPS 140-2 continuous self-test, about which we have received multiple reports. The resolution of that problem hinges on interpretation of FIPS 140-2 scripture and we're still working on crafting a fix consistent with the conflicting opinions we've received.

At this point I have no estimate as to when the change letter(s), for either or both fixes, will be approved. From the perspective of those who must deal with events on "Internet time" the CMVP process is glacially slow. In the absence of any realistic expectation of quick results in that regard OSSI has chosen to make this announcement now in the hope of minimizing the disruption for the many products and "private label" validations known to use or be derived from the v1.1.1 validation and currently undergoing FIPS 140-2 validation.

-Steve M.

--
Steve Marquess
Open Source Software Institute
marquess at oss-institute.org
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Announcement Mailing List                 openssl-announce at openssl.org
Automated List Manager                           majordomo at openssl.org

Posted by SnTeam Events at 6:35 AM

=============================================
from the desk of John M. Weathersby, Jr.
Executive Director
Open Source Software Institute
tel: 601.427.0152 (MS)
tel: 202.683.7524 (DC)
----------------------------------------------------------------------------------
"The object of life is not to be on the side of the majority, but to escape finding oneself in the ranks of the insane."
-- Marcus Aurelius
----------------------------------------------------

From ossi_briefing_list at oss-institute.org Thu Nov 29 15:06:30 2007
From: ossi_briefing_list at oss-institute.org (Activity Updates for OSSI Members and Sponsors)
Date: Thu, 29 Nov 2007 15:06:30 -0600
Subject: [Ossi_briefing_list] AFEI Conference Update
Message-ID: <1196370390.6542.45.camel@bubba.ossi>

Here's a copy of the event brochure for the upcoming

3rd DoD Open Conference
December 11-12, 2007
Sheraton Premiere at Tysons Corner
Vienna, VA
Contact Info: Betsy Lauer (703-247-9473)

Click here to download the pdf

Sign up now for Early Registration Discount (click here for AFEI/NDIA Registration Page)

The event is really coming together. Great speakers! Should be a solid event.

Conference Theme
Deploying open technologies, standards and architectures in military systems

Objectives:
The primary objective of the DoD Open IT Conference is to inform the Defense community of the advantages and issues surrounding the deployment of open technology, present case studies on successful use in government organizations, and present practical guides to the use, development, deployment and maintenance of open technology systems within U.S. Department of Defense information technology systems.

Please spread the word around.

Hope to see you there,
jmw
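
The seeding failure described in the OpenSSL FIPS Object Module v1.1.1 announcement earlier in this archive, modelled as an added example (not code from the OpenSSL project or from either patch): a self-test that leaves its test key and seed installed suppresses auto-seeding, so output varies only with the date-time input. The `toy_prng` struct, its `seeded` flag, the `mix` function and the test-vector constants are all assumptions made for illustration.

```c
#include <stdint.h>
#include <string.h>

/* Toy model (assumption): not the OpenSSL FIPS Object Module's code. */
typedef struct { uint64_t key, seed; int seeded; } toy_prng;

/* Constructed self-test vector; placeholder values, not real test data. */
#define TEST_KEY  0x0123456789abcdefULL
#define TEST_SEED 0xfedcba9876543210ULL

static uint64_t mix(uint64_t x) {   /* invertible mixer standing in for the cipher */
    x ^= x >> 33; x *= 0xff51afd7ed558ccdULL;
    x ^= x >> 33; x *= 0xc4ceb9fe1a85ec53ULL;
    return x ^ (x >> 33);
}
static void set_key_seed(toy_prng *p, uint64_t key, uint64_t seed) {
    p->key = key; p->seed = seed; p->seeded = 1;
}
/* One output block; dt models the date-time value mixed into each call. */
static uint64_t generate(toy_prng *p, uint64_t dt) {
    uint64_t out = mix(mix(dt ^ p->key) ^ p->seed);
    p->seed = mix(out ^ p->key);
    return out;
}
/* Flawed self-test: the test key/seed stay installed and seeded stays 1. */
static int self_test_flawed(toy_prng *p) {
    set_key_seed(p, TEST_KEY, TEST_SEED);
    uint64_t a = generate(p, 0);
    set_key_seed(p, TEST_KEY, TEST_SEED);
    return a == generate(p, 0);     /* same vector must give same output */
}
/* Corrected self-test: wipe the test state so auto-seeding still happens. */
static int self_test_fixed(toy_prng *p) {
    int ok = self_test_flawed(p);
    memset(p, 0, sizeof *p);
    return ok;
}
/* Caller-facing path: auto-seed from entropy only when nothing is installed. */
static uint64_t next_output(toy_prng *p, uint64_t entropy, uint64_t dt) {
    if (!p->seeded) set_key_seed(p, mix(entropy), mix(entropy + 1));
    return generate(p, dt);
}
/* First output after start-up for one entropy sample and one timestamp. */
uint64_t first_output(int fixed, uint64_t entropy, uint64_t dt) {
    toy_prng p = {0, 0, 0};
    int ok = fixed ? self_test_fixed(&p) : self_test_flawed(&p);
    return ok ? next_output(&p, entropy, dt) : 0;
}
```

A start-up check that compares the first output of two instances given different entropy but the same timestamp catches this class of defect: identical values mean the entropy never reached the generator.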