[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-bugs] #17799 [Tor]: Hash All PRNG output before use
#17799: Hash All PRNG output before use
------------------------+--------------------------------
Reporter: teor | Owner:
Type: defect | Status: new
Priority: Medium | Milestone: Tor: 0.2.8.x-final
Component: Tor | Version: Tor: unspecified
Severity: Normal | Keywords:
Actual Points: | Parent ID:
Points: | Sponsor:
------------------------+--------------------------------
#17694 hashes important PRNG output with some system randomness before
use, so that observed PRNG outputs are resistant to PRNG state analysis.
But almost all of Tor's use of PRNG outputs is observable from one or more
locations outside Tor, whether in salts or nonces sent to other machines
on the wire, or in the random choices made in guard, directory, and path
selection.
We could hash all of the bytes coming from the PRNG to avoid this state
exposure. (Although we might not need to use the system randomness source
each time.)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17799>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs