As is well known, /dev/random, the kernel's cryptographically secure pseudorandom number generator (CSPRNG), has one annoying problem: blocking. This article describes how that problem is being solved.
The kernel's random-number generation facilities were reworked a bit a few months ago, but the problems in this subsystem have been around for a long time. Much of that work was aimed at preventing the getrandom() system call from blocking for a long time during system boot, but the underlying cause was the behavior of the blocking random pool. A recent patch set removes this pool, and it was expected to reach the mainline kernel.
Andy Lutomirski published the third version of the patch set at the end of December. It introduces "two major semantic changes to the Linux random APIs". The patch set adds a new GRND_INSECURE flag to the getrandom() system call (although Lutomirski refers to it as getentropy(), which glibc implements using getrandom() with fixed flags); this flag causes the call to always return the requested amount of data, but with no guarantee that the data is random. The kernel will simply do its best to return the best random data it has at that moment. "Probably the best thing you can do is call it 'INSECURE' to discourage this API from being used for things that need security."
The patches also remove the blocking pool. Currently the kernel maintains two pools of random data, one corresponding to /dev/random and the other to /dev/urandom, as described in this 2015 article. The blocking pool is the pool for /dev/random; reads from that device block (as its name indicates) until "enough" entropy has been gathered from the system to satisfy the request. Further reads from that file will also block if the pool has insufficient entropy.
Removing the blocking pool means that reads from /dev/random behave like getrandom() with the flags set to zero (and it turns the GRND_RANDOM flag into a no-op). Once the cryptographic random number generator (CRNG) is initialized, reads from /dev/random and calls to getrandom(..., 0) will not block and will return the requested amount of random data.
Lutomirski says: "I think the Linux blocking pool has outlived its usefulness. Linux's CRNG generates output that is good enough to be used even for key generation. The blocking pool is not stronger in any meaningful way, and maintaining it requires a lot of infrastructure of dubious value."
The changes were made with the intention that existing programs would not break, and in fact there will be fewer problems with long waits for things like GnuPG key generation.
"This series should not break any existing programs. /dev/urandom is unchanged. /dev/random still blocks immediately after boot, but it blocks less than before. getentropy() with the existing flags will return a result that is suitable for practical purposes, as before."
Lutomirski noted that the question of whether the kernel should provide so-called "true random numbers", which is what the blocking pool was supposed to do to some degree, remains open. He sees one reason for doing so: "compliance with government standards". Lutomirski suggested that if the kernel is going to provide this, it should be done through a completely different interface or moved to user space, allowing the kernel to export raw event samples that could be used to build such a blocking pool.
Stephan Müller suggested that his Linux random number generator (LRNG) patch set (currently at version 26) could be a way to provide true random numbers for the applications that need them. The LRNG "is fully compliant with the requirements of SP800-90B, Recommendation for the Entropy Sources Used for Random Bit Generation", which makes it a solution to the government-standards problem.
Matthew Garrett objected to the term "true random data", noting that the devices being sampled could be modeled well enough to be predictable: "we're not sampling quantum events here."
Müller replied that the term comes from the German AIS 31 standard, where it describes a random number generator that produces output only "at the same rate as the underlying noise source produces entropy."
Regardless of the terminology differences, having a blocking pool as proposed by the LRNG patches will simply lead to various problems, at least if it is accessible without privileges.
As Lutomirski says: "This doesn't solve the problem. If two different users run stupid programs like gnupg, they will just starve each other. I see two main problems with /dev/random right now: it's prone to DoS (i.e., resource exhaustion, malicious influence, or the like), and since it doesn't require privileges to use, it's also prone to abuse. If we add an unprivileged interface that gnupg and similar programs might use, we lose again."
Müller noted that the additions to getrandom() will now allow GnuPG to use that interface, since it will provide the needed guarantee that the pool has been initialized. Based on discussions with GnuPG developer Werner Koch, Müller believes that this guarantee is the only reason GnuPG currently reads directly from /dev/random. However, if there is an unprivileged interface that is subject to denial of service (as /dev/random is), then, according to Lutomirski, it will be misused by other applications.
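The flag semantics described above (flags 0 blocking only until the CRNG is initialized, GRND_RANDOM becoming a no-op, GRND_INSECURE never blocking) and the "pool is initialized" guarantee that GnuPG wants can be exercised from user space. The following is an added example, not code from the article or from the patch set; it uses the raw Linux syscall so that it builds even where the C library headers predate GRND_INSECURE, and the flag values are the ones from the kernel's uapi header. The helper names (fill_random, crng_ready, insecure_fill) are this example's own.

```c
/* Added example (not from the article): exercising getrandom() flag
 * semantics on Linux via the raw system call, so it builds even where the
 * C library's <sys/random.h> does not yet know GRND_INSECURE. */
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/syscall.h>
#include <unistd.h>

#ifndef GRND_NONBLOCK
#define GRND_NONBLOCK 0x0001  /* fail with EAGAIN instead of blocking */
#endif
#ifndef GRND_RANDOM
#define GRND_RANDOM   0x0002  /* legacy: use the blocking pool; a no-op after the patch set */
#endif
#ifndef GRND_INSECURE
#define GRND_INSECURE 0x0004  /* new flag: never block, no freshness guarantee (kernel 5.6+) */
#endif

/* Thin wrapper around the raw system call. */
static ssize_t sys_getrandom(void *buf, size_t len, unsigned int flags)
{
    return syscall(SYS_getrandom, buf, len, flags);
}

/* Fill buf completely, retrying on EINTR and on short reads (the kernel
 * may return fewer than len bytes for requests larger than 256 bytes).
 * Returns 0 on success, -1 with errno set on failure. */
int fill_random(void *buf, size_t len, unsigned int flags)
{
    unsigned char *p = buf;
    while (len > 0) {
        ssize_t n = sys_getrandom(p, len, flags);
        if (n < 0) {
            if (errno == EINTR)
                continue;
            return -1;
        }
        p += n;
        len -= (size_t)n;
    }
    return 0;
}

/* Non-blocking probe of the CRNG state, i.e. the guarantee GnuPG wants:
 * 1 = initialized (a zero-flag read would not block), 0 = not yet seeded
 * (EAGAIN), -1 = other error. */
int crng_ready(void)
{
    unsigned char b;
    if (sys_getrandom(&b, 1, GRND_NONBLOCK) == 1)
        return 1;
    return errno == EAGAIN ? 0 : -1;
}

/* Try the GRND_INSECURE path.  Returns 1 if the kernel honoured the flag,
 * 0 if it is unknown (EINVAL on kernels before 5.6), -1 on other error. */
int insecure_fill(void *buf, size_t len)
{
    if (fill_random(buf, len, GRND_INSECURE) == 0)
        return 1;
    return errno == EINVAL ? 0 : -1;
}

/* Sanity check that the buffer was actually written: 32 all-zero bytes
 * from a working generator has probability 2^-256. */
int buffer_nonzero(const unsigned char *buf, size_t len)
{
    for (size_t i = 0; i < len; i++)
        if (buf[i])
            return 1;
    return 0;
}

int main(void)
{
    unsigned char key[32];
    printf("CRNG ready: %d\n", crng_ready());
    /* flags == 0 is the call to use for keys: it blocks only until the
     * CRNG is initialized, then never again. */
    if (fill_random(key, sizeof key, 0) != 0) {
        perror("getrandom");
        return 1;
    }
    printf("getrandom(..., 0) filled %zu bytes\n", sizeof key);
    /* GRND_RANDOM: after the patch set this behaves exactly like flags 0. */
    if (fill_random(key, sizeof key, GRND_RANDOM) != 0)
        perror("getrandom GRND_RANDOM");
    printf("GRND_INSECURE supported: %d\n", insecure_fill(key, sizeof key));
    return 0;
}
```

Calling fill_random() with flags 0 is the pattern the article's discussion points applications toward: it gives the initialized-pool guarantee without being exposed to the resource exhaustion that reads from /dev/random with a blocking pool suffer from. Treat insecure_fill() returning 1 as a statement about the kernel version only; the data it returns carries no security guarantee, which is the point of the flag's name.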
Theodore Ts'o, the maintainer of the Linux random number subsystem, seems to have changed his mind about the need for a blocking pool. He said that removing it would get rid of the idea that Linux has a true random number generator (TRNG): "This is not nonsense, because this is what *BSD has always done."
He is also concerned that providing a TRNG would serve as a temptation for application developers, and he believes that, in fact, given the various kinds of hardware that Linux supports, it is impossible to guarantee a TRNG in the kernel. Even allowing only root to use the hardware would not solve the problem: "Application developers will need their application to be installed as root for security purposes, because that is the only way to get access to 'really good' random numbers."
Müller asked whether Ts'o had abandoned the blocking-pool implementation he had proposed long ago. Ts'o replied that he plans to take Lutomirski's patches and that he is strongly opposed to adding a blocking interface back into the kernel.
"The kernel cannot provide any guarantees about whether the noise source has been properly characterized. The only thing a GPG or OpenSSL developer can get is a vague feeling that TRUERANDOM is 'better', and since they want more security, they will undoubtedly try to use it. At some point it will block, and when some other clever user (perhaps someone building an operating system release) ships it in a running system and in an application, the only thing left for users is to complain to Linus Torvalds himself."
Ts'o also encouraged giving cryptographers, and those who really need TRNGs, a way to collect their own entropy in user space so they can use it themselves. He argues that entropy collection is not a process the kernel can perform on all supported hardware, and that the kernel itself cannot estimate the amount of entropy provided by the various sources.
"The kernel should not mix different noise sources together, and it should not try to claim that it knows how many bits of entropy it is getting when it tries to play the 'jerky entropy game' on a ridiculously simple CPU architecture for IoT/embedded use cases, where everything is synchronized off a single master oscillator, where there is no CPU instruction reordering, etc.
"We could talk about providing tools that try to do these calculations, but such things would need to be done on each user's hardware, which is simply impractical for most distribution users. If this is intended only for cryptographers, then let it be done in their user space. And let's not make it easy for GPG, OpenSSL, and so on, so that everyone says 'we want true randomness' and ends up with less. We could talk about how we provide interfaces for cryptographers to get the information they need by accessing the underlying, separate and named noise sources, and perhaps even allow a noise source to authenticate itself to a user-space library or application."
There was some discussion about what such an interface might look like, since some events, for example, could have security implications. Ts'o noted that keyboard scan codes (i.e., key presses) are mixed in as part of entropy collection: "Moving this to user space, even with a special system call, would be, at the least, unwise." It is also possible that other event timings could create some kind of side-channel information leak.
So it seems that the long-standing problem of the Linux random number subsystem is on its way to a solution. The changes the random number subsystem has undergone recently led to DoS problems during its use. Now, however, there are effective ways to obtain the best random numbers the kernel can provide. If a TRNG is still highly desirable for Linux, then that gap will need to be addressed in the future, but it probably will not be done inside the kernel itself.
Source: www.habr.com
