Open mcpherrinm opened 1 year ago
Could it be better? Yes, but I don't see this as an issue in this case since we're using a hash of the value (rather than the value) that results in a 128-bit key.
It's a bit frayed at the edges. It's probably more important than it used to be.
I don't see this as an issue in this case since we're using a hash of the value (rather than the value) that results in a 128-bit key.
You are not getting a key with 128 bits of entropy just because the digest is 128 bits. Running a weak source of entropy through a hash function does not address the underlying problem.
I was reviewing ossec-hids as a potential FIM solution. In manage_agents, I noticed that the agent keys are generated as:
These seem relatively weak sources of random compared to using a CSPRNG, which is concerning. I don't see any dedicated security contact for the project so I'm opening this issue.
Do you consider this a security problem? Are there any mitigating factors I'm unaware of?
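The point made in the reply above (a 128-bit digest of a low-entropy input is not a 128-bit-entropy key) can be checked directly. The following is an added example, not code from ossec-hids or from anyone in this thread: `weak_agent_key` is a constructed, hypothetical scheme that hashes a timestamp and a process id (it is not the project's actual key derivation, which is not quoted here), `strong_agent_key` draws the key from the OS CSPRNG, and `effective_entropy_bits` bounds the entropy of the weak scheme by counting how many distinct keys a given input space can actually produce.

```python
import hashlib
import math
import secrets

# Constructed, hypothetical "weak" scheme (NOT ossec-hids' real code):
# derive a 128-bit agent key by hashing a timestamp and a process id.
# The digest is 128 bits wide, but the number of distinct keys is capped
# by the number of distinct (timestamp, pid) inputs.
def weak_agent_key(timestamp: int, pid: int) -> str:
    return hashlib.md5(f"{timestamp}:{pid}".encode()).hexdigest()


# Recommended approach: take the key material directly from the OS CSPRNG.
# 16 random bytes give a key with (close to) 128 bits of entropy.
def strong_agent_key() -> str:
    return secrets.token_hex(16)


def effective_entropy_bits(timestamps, pids, digest_bits: int = 128) -> float:
    """Upper bound on the entropy of weak_agent_key over the given input space.

    A hash function cannot emit more distinct outputs than it receives
    distinct inputs, so the bound is min(log2(#distinct keys), digest width).
    Useful as an audit check: plug in the plausible range of each input
    (e.g. a one-day window of timestamps, the pid range) and compare to 128.
    """
    distinct = {weak_agent_key(t, p) for t in timestamps for p in pids}
    return min(math.log2(len(distinct)), float(digest_bits))


if __name__ == "__main__":
    # Constructed sample input space: 1024 timestamps x 64 pids = 65536 inputs.
    ts_window = range(1_700_000_000, 1_700_000_000 + 1024)
    pid_range = range(1000, 1064)
    print("weak key example :", weak_agent_key(ts_window[0], pid_range[0]))
    print("entropy bound    :", effective_entropy_bits(ts_window, pid_range), "bits")
    print("strong key       :", strong_agent_key(), "(~128 bits of entropy)")
```

The bound is an upper bound only: it assumes every input is equally likely, and real clocks and pid allocators are far more predictable than that, so the true entropy is lower still. Widening the hash (SHA-256 instead of MD5) changes nothing in this calculation, which is why the fix is to change the source of randomness, not the digest.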