Devs Working To Stop Go Math Error Bugging Crypto Software (theregister.co.uk)
Richard Chirgwin, writing for The Register: Consider this an item for the watch-list, rather than a reason to hit the panic button: a math error in the Go language could potentially affect cryptographic libraries. Security researcher Guido Vranken (who earlier this year fuzzed up some bugs in OpenVPN) found an exponentiation error in the Go math/big package. Big numbers -- particularly big primes -- are the foundation of cryptography. Vranken posted to the oss-sec mailing list that he found the potential issue during testing of a fuzzer he wrote that "compares the results of mathematical operations (addition, subtraction, multiplication, ...) across multiple bignum libraries." Vranken and Go developer Russ Cox agreed that the bug needs specific conditions to be manifest: "it only affects the case e = 1 with m != nil and a pre-allocated non-zero receiver."
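An added example, not part of the original story or of Vranken's fuzzer: a small differential check in the spirit of the approach quoted above, comparing `big.Int.Exp` against an independent square-and-multiply reference, with both a fresh receiver and a pre-allocated non-zero one, over inputs that include the `e = 1`, `m != nil` case. The function names and the input values are constructed for illustration.

```go
package main

import (
	"fmt"
	"math/big"
)

// refModExp: square-and-multiply from Mul and Mod only (assumes x >= 0, e >= 0, m > 1).
func refModExp(x, e, m *big.Int) *big.Int {
	r := big.NewInt(1)
	base := new(big.Int).Mod(x, m)
	for i := e.BitLen() - 1; i >= 0; i-- {
		r.Mod(r.Mul(r, r), m)
		if e.Bit(i) == 1 {
			r.Mod(r.Mul(r, base), m)
		}
	}
	return r
}

// checkExp compares Exp on a fresh and on a pre-allocated non-zero receiver with the reference.
func checkExp(x, e, m *big.Int) []string {
	want := refModExp(x, e, m)
	dirty := new(big.Int).Lsh(big.NewInt(0x5a5a), 2048) // constructed non-zero receiver
	var bad []string
	for name, z := range map[string]*big.Int{"fresh": new(big.Int), "pre-allocated": dirty} {
		if got := z.Exp(x, e, m); got.Cmp(want) != 0 {
			bad = append(bad, fmt.Sprintf("%s receiver: Exp(%v, %v, %v) = %v, want %v", name, x, e, m, got, want))
		}
	}
	return bad
}

// runCases sweeps constructed inputs, including the reported e = 1 case with a modulus.
func runCases() []string {
	one := big.NewInt(1)
	xs := []*big.Int{big.NewInt(2), big.NewInt(1000), new(big.Int).Add(new(big.Int).Lsh(one, 300), big.NewInt(12345))}
	ms := []*big.Int{big.NewInt(7), big.NewInt(497), new(big.Int).Lsh(one, 64), new(big.Int).Sub(new(big.Int).Lsh(one, 127), one)}
	var bad []string
	for _, e := range []int64{0, 1, 2, 13, 65537} {
		for _, x := range xs {
			for _, m := range ms {
				bad = append(bad, checkExp(x, big.NewInt(e), m)...)
			}
		}
	}
	return bad
}

func main() { fmt.Println("mismatches:", runCases()) }
```

An empty mismatch list means the installed `math/big` agrees with the reference on these inputs; any entry names the receiver state and operands that diverged.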
A few months ago you would've told "The possibility [...] is about the same as Trump being elected." but it happened! Even if chances are low, it can still happens!
I can't call that English
Congrats, you've managed to bring up Trump in a completely unrelated article. You guys are worse than Hitler.
Fuck you old people don't know your shit. Young rockstar coders need to reinvent your dinosaur wheels because you fucking suck.
Lol whut r codez iz bugged?!!
I remember, years ago, hearing pretty much that same argument (excepting the Trump reference) when the first jpeg executable exploit was discovered.
Once a flaw is known, it is a mistake to assume clever people won’t find a clever way to practically leverage it - no matter how obscure it seems at first glance.
#DeleteChrome
You have composed what may be the world's most incomprehensible headline!
General Relativity: Space-time tells matter where to go; Matter tells space-time what shape to be.
Like the code to my luggage! 1231!
It was 1234 but someone told me prime numbers are more secure so I changed it.
That's literally what Slashdot has been since the election. Just a competition to see who can shoehorn the president into today's unrelated topic.
It's really quite pathetic. But it shouldn't be surprising when you realize all the industry experts have left Slashdot and moved to Hacker News.
No more John Carmack. No more Walter Bright (creator of D and dozens of compilers). They're all gone because the SNR of this site has gone from good, to parody.
14389 is a prime with uneven digits in even positions
In a zero-based position counting, yes; but this is the convention only in some (well, most of) programming languages. In an informal chat, the most common interpretation is to assume 1-based positions. Anyway, I was evidently joking: all the numbers are equally secure and random, except 4. LOL.
Custom Solvers 2.0 = Alvaro Carballo Garcia = varocarbas.
Will someone pull Slashdot out of the Dark Ages?
There was a time when it made (commercial) sense to capitalize every word in a headline. Yes, it made money for the hawkers of early newspapers. Big noisy obnoxious headlines made the news sound exciting and motivated people to spend a penny or a nickel.
How does this mess of a headline make money for Slashdot? How does it make the headline readable? Exactly what are the benefits of this abuse of the language in the age of the internet?
Wake up Slashdot. Look around- many publishers aren't living in the Dark Ages any more.
...omphaloskepsis often...
I'd actually put reelection at 25% personally.
I give him 50%. He is unpopular, and the election is the Democrats' to lose, but the Dems have an immense capacity for squandering opportunities and self-destructing. If they nominate someone like Elizabeth Warren or Chuck Schumer, I don't see how they are going to carry a single southern state (maybe Virginia), or win much of the Midwest. They can't win with just the coasts. They have to flip either Pennsylvania or Florida. If they can flip both, they win. Otherwise they also need to flip either Michigan or Wisconsin. That will be very hard with a coastal lefty, and there are few moderate Democrats with national stature.
Because only Go uses the Go math/big package, and the issue is with how the math is done in that package?
Ain't karma a bitch?
You laughed at us Iranians when we got ahmadi-nejad, TWICE. Who's laughing now?
Moderating "-1, Disagree" is simple censorship. Have the guts to post your opinion. -- Spazmania (174582)
FTFY
It behooves them to look deeper, because it's always unclear whether those bugs are intentional or not. The more preconditions there are the more likely the issue wasn't organic.
We weren't laughing, we were watching in horror.
David Gould
main(i){putchar(340056100>>(i-1)*5&31|!!(i<6)<< 6)&&main(++i);}
Honestly, I thought that you were also kidding in your first post. Perhaps this wasn't the case, so I will better clarify that the peculiarities of prime numbers only make sense within a very specific context (similarly to what happens with pretty much any other thing), namely divisions. In some algorithms and for whatever reasons you might prefer to make sure that a given number isn't divisible by others and this is where prime numbers are useful. The fact that prime numbers are being used in a relevant number of encryption algorithms (I cannot tell for sure right away, but in principle it doesn't look like an absolutely unavoidable requirement) has to be understood as those algorithms providing the aforementioned meaningful context for them (= divisions where having a remainder different than zero matters or not).
In general terms and when choosing any given number, all of them are identically good. The right context for choosing a safe password is for it to be difficult for another person to guess. Thinking that specific numbers or days of the week or years or similar are intrinsically better than others only makes sense within magic-like expectations (superstition, religion or things on these lines), which is pretty much the opposite of what empirical and deterministic maths/programming/engineering/science everything is supposed to be.
Custom Solvers 2.0 = Alvaro Carballo Garcia = varocarbas.
Really? Hitler whacked millions. Okay youse guys, how many have you whacked so we can run the numbers and get this Hitler accusation decided.