
OpenSSL PRNG Internal State Disclosure Vulnerability

by phiber on July 20th, 2001

The randomness pool and associated mixing function used by the OpenSSL PRNG (pseudo-random number generator) suffer from a flaw that could enable an attacker to reconstruct the generator's internal state.

The flaw exists because each quantum of generator output is derived from a hash value whose input included the same portion of secret internal state. In general, this means the state data can no longer be considered secret. Because a request can be for as few as one PRNG output byte, brute-force analysis of all possible cases becomes feasible.

If an attacker is able to gain knowledge of the generator's state, it may be possible for that attacker to predict future results.
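The advisory describes a structural fault: the bytes handed to the caller come from a hash over the same small portion of secret state, and a one-byte request keeps the search space small. The block below is an added illustration, not OpenSSL's generator or its patch, of a toy hash-based generator written so that this class of flaw does not arise: the whole 32-byte state enters every output hash regardless of how many bytes the caller asks for, leftover bytes are buffered rather than re-hashed, and the state is ratcheted by a separate hash so an output block is never the value the next state is derived from. `HashDRBG`, `granularity_check` and the demo seed are names and values constructed for this example.

```python
import hashlib

BLOCK_SIZE = 32            # SHA-256 digest length; one output quantum
STATE_BYTES_PER_HASH = 32  # the whole secret state enters every output hash


class HashDRBG:
    """Toy hash-based generator (an illustration, not OpenSSL's PRNG or its fix).

    Two design choices address the class of flaw in the advisory:
      * every output block is a hash over the whole 32-byte secret state plus a
        counter, so the amount of secret material behind each output block never
        shrinks when a caller asks for fewer bytes;
      * the state is replaced by a separate hash right after each block, so an
        output block is never the hash value the next state is derived from.
    """

    def __init__(self, seed: bytes) -> None:
        if len(seed) < 32:
            raise ValueError("seed must carry at least 32 bytes of entropy")
        self.state = hashlib.sha256(b"init|" + seed).digest()
        self.counter = 0
        self.buffer = b""           # unused bytes of the most recent block
        self.blocks_generated = 0   # bookkeeping for granularity_check()

    def _next_block(self) -> bytes:
        ctr = self.counter.to_bytes(8, "big")
        out = hashlib.sha256(b"out|" + self.state + ctr).digest()
        # Ratchet: the old state is discarded, so a later snapshot of the
        # generator does not let anyone recompute earlier output.
        self.state = hashlib.sha256(b"next|" + self.state).digest()
        self.counter += 1
        self.blocks_generated += 1
        return out

    def random_bytes(self, n: int) -> bytes:
        """Return n bytes. Partial blocks are buffered, so the request size
        does not change how much secret state enters each hash."""
        if n < 0:
            raise ValueError("n must be non-negative")
        result = bytearray()
        while len(result) < n:
            if not self.buffer:
                self.buffer = self._next_block()
            take = min(n - len(result), len(self.buffer))
            result += self.buffer[:take]
            self.buffer = self.buffer[take:]
        return bytes(result)


def granularity_check(seed: bytes, total: int) -> dict:
    """Draw `total` bytes once as single-byte requests and once in bulk and
    report whether the streams match and how many blocks each path consumed.
    For this generator both paths are identical; the per-hash secret input
    is a constant, not a function of the caller's request size."""
    g1 = HashDRBG(seed)
    bytewise = b"".join(g1.random_bytes(1) for _ in range(total))
    g2 = HashDRBG(seed)
    bulk = g2.random_bytes(total)
    return {
        "same_stream": bytewise == bulk,
        "blocks_bytewise": g1.blocks_generated,
        "blocks_bulk": g2.blocks_generated,
        "secret_bytes_per_hash": STATE_BYTES_PER_HASH,
    }


if __name__ == "__main__":
    # Constructed seed for the demonstration; real seeds come from the OS CSPRNG.
    demo_seed = bytes(range(64))
    print(granularity_check(demo_seed, 70))
```

The check to carry over to a real generator is the one `granularity_check` encodes: the quantity of secret material that feeds each output hash must be fixed by the design, never by the number of bytes the caller requests.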

The impact of this vulnerability depends on the nature of the target application or protocol. It is relatively unlikely that data is retrieved from the OpenSSL PRNG in a pattern that allows such attacks.

No vulnerable applications are currently known.


Vendor-supplied patches that rectify this issue are available:

OpenSSL Project OpenSSL 0.9.6a:

OpenSSL Project OpenSSL 0.9.6:
