[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #17799 [Tor]: Hash All PRNG output before use



#17799: Hash All PRNG output before use
------------------------+--------------------------------
     Reporter:  teor    |      Owner:
         Type:  defect  |     Status:  new
     Priority:  Medium  |  Milestone:  Tor: 0.2.8.x-final
    Component:  Tor     |    Version:  Tor: unspecified
     Severity:  Normal  |   Keywords:
Actual Points:          |  Parent ID:
       Points:          |    Sponsor:
------------------------+--------------------------------
 #17694 hashes important PRNG output with some system randomness before
 use, so that observed PRNG outputs are resistant to PRNG state analysis.

 But almost all of Tor's use of PRNG outputs is observable from one or more
 locations outside Tor, whether in salts or nonces sent to other machines
 on the wire, or in the random choices made in guard, directory, and path
 selection.

 We could hash all of the bytes coming from the PRNG to avoid this state
 exposure. (Although we might not need to use the system randomness source
 each time.)

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17799>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs