Crypt-SaltedHash Weak RNG Flaw Undermines Password Security
A critical vulnerability in Crypt-SaltedHash reveals that salt generation relies on a cryptographically weak pseudo-random number generator, allowing attackers to predict salts and compromise password protections. Ubuntu has released security updates to address this flaw across affected systems.
TL;DR
- Crypt-SaltedHash uses weak RNG for salt generation, enabling salt prediction attacks
- Predictable salts significantly reduce the effectiveness of password hashing defenses
- Ubuntu patch USN-8418-1 addresses the vulnerability across supported distributions
- Organizations should update affected systems immediately to restore cryptographic integrity
A significant cryptographic weakness has been identified in Crypt-SaltedHash, a library commonly used for password hashing and storage. The vulnerability stems from the use of a cryptographically weak pseudo-random number generator (PRNG) when generating salts—random values that should be unpredictable and unique for each password hash.
This flaw creates a serious attack surface: if an attacker can predict the salts used during password hashing, they can precompute hash values more efficiently, dramatically accelerating brute-force and rainbow table attacks. The security model of salted hashing depends entirely on salt unpredictability, making this a fundamental compromise of the defense mechanism.
Ubuntu has released security notice USN-8418-1 to address this issue. Organizations running affected systems should prioritize patching to restore the cryptographic guarantees that salted hashing is designed to provide.
How the Vulnerability Weakens Cryptographic Protections
- Salts are meant to be unpredictable; weak RNG generation makes them guessable by attackers
- Predictable salts enable efficient precomputation of hash tables, negating the primary benefit of salting
- Attackers can reduce computational cost of cracking multiple passwords simultaneously
- The vulnerability affects any application or system relying on Crypt-SaltedHash for credential storage
Remediation and Best Practices
- Apply Ubuntu security patch USN-8418-1 immediately to all affected systems and distributions
- Verify that password hashing libraries use cryptographically secure random sources (e.g., /dev/urandom, os.urandom)
- Consider re-hashing stored passwords with corrected implementations after patching
- Audit dependent applications to confirm they are not caching or relying on previously generated weak salts
- Monitor for any unauthorized access patterns that may indicate exploitation of this weakness
Sources
Sources
Security email updates
One digest email when we publish new security articles (TL;DR plus links to read more). Unsubscribe anytime from the message footer. See our Privacy Policy.