Re: [tor-bugs] #17694 [Tor]: Hash PRNG output before use, so that it's not revealed to the network
#17694: Hash PRNG output before use, so that it's not revealed to the network
-------------------------+------------------------------------
 Reporter:  teor         |          Owner:
     Type:  enhancement  |         Status:  new
 Priority:  Medium       |      Milestone:  Tor: 0.2.8.x-final
Component:  Tor          |        Version:  Tor: unspecified
 Severity:  Normal       |     Resolution:
 Keywords:               |  Actual Points:
Parent ID:               |         Points:
  Sponsor:               |
-------------------------+------------------------------------

Comment (by teor):

Yes, we should always use a PRNG that's unpredictable (and switch as soon
as we suspect it's not). On that topic, OpenSSL still uses SHA-1
internally for its PRNG, and we're trying to phase out SHA-1. But I'm not
sure if known SHA-1 vulnerabilities affect its use in the OpenSSL PRNG.

Hashing PRNG output helps protect previous random outputs, if we discover
later on that our PRNG was more predictable than we thought. (It works
kinda like forward secrecy for random numbers.)

On the other hand, hashing PRNG output could introduce vulnerabilities if
any bits of the hash function's output are correlated with each other.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17694#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
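
The idea in the ticket title, as an added example that is not part of the original message and is not Tor's code: a constructed, deliberately weak generator whose raw output exposes its state, compared with the same generator when only a SHA-256 digest of each output leaves the process. `ToyPRNG` and every function name here are hypothetical; the last function shows the limit of the technique, since hashing hides state but adds no entropy.

```python
import hashlib

MASK = (1 << 64) - 1

class ToyPRNG:
    """Constructed, deliberately weak generator: each output IS the full state."""
    def __init__(self, seed):
        self.state = seed & MASK

    def next_raw(self):
        # 64-bit LCG step (Knuth's MMIX constants); the output exposes the whole state.
        self.state = (self.state * 6364136223846793005 + 1442695040888963407) & MASK
        return self.state.to_bytes(8, "big")

def hashed_output(prng):
    """Hash the PRNG bytes before use, so only the digest is ever visible."""
    return hashlib.sha256(prng.next_raw()).digest()

def predict_next_raw(observed):
    """Treat the first 8 observed bytes as generator state and step it once."""
    clone = ToyPRNG(0)
    clone.state = int.from_bytes(observed[:8], "big")
    return clone.next_raw()

def raw_is_predictable(seed):
    # Observer sees one raw output and checks its prediction of the next one.
    g = ToyPRNG(seed)
    seen = g.next_raw()
    return predict_next_raw(seen) == g.next_raw()

def hashed_is_predictable(seed):
    # Same observer, but only the digest is visible: the state is not in it.
    g = ToyPRNG(seed)
    seen = hashed_output(g)
    guess = hashlib.sha256(predict_next_raw(seen)).digest()
    return guess == hashed_output(g)

def recover_small_seed(seen_digest, seed_bits):
    """Hashing adds no entropy: a tiny seed space can still be enumerated."""
    for seed in range(1 << seed_bits):
        if hashed_output(ToyPRNG(seed)) == seen_digest:
            return seed
    return None
```

The hashed path only helps when the generator's seed and state are large enough that enumeration is infeasible, which is why the comment's first point (use an unpredictable PRNG) still applies.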