[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #12016 [Ooni]: Report ID Generated with Insecure RNG



#12016: Report ID Generated with Insecure RNG
---------------------+-------------------------
 Reporter:  hellais  |          Owner:  hellais
     Type:  defect   |         Status:  new
 Priority:  normal   |      Milestone:
Component:  Ooni     |        Version:
 Keywords:  oonib    |  Actual Points:
Parent ID:           |         Points:
---------------------+-------------------------
 defuse reported:

 In #48 we are discussing the report ID being leaked through side channels.
 There is currently a more severe issue: The random characters in the
 report ID are generated with an insecure (predictable) random number
 generator:


 import random
 # ...
 def randomStr(length, num=True):
     """
     Returns a random a mixed lowercase, uppercase, alfanumerical (if num
 True)
     string long length
     """
     chars = string.ascii_lowercase + string.ascii_uppercase
     if num:
         chars += string.digits
     return ''.join(random.choice(chars) for x in range(length))]


 If the report ID is to be used for authentication, those characters should
 be generated with a CSPRNG.

 Note: This is not part of the Least Authority audit.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/12016>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs