[tbb-bugs] #17244 [Tor Browser]: Low entropy PRNG usage in Tor Browser?

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Oct 6 16:45:17 UTC 2015

#17244: Low entropy PRNG usage in Tor Browser?
     Reporter:           |      Owner:  tbb-team
  arthuredelstein        |     Status:  new
         Type:  defect   |  Milestone:
     Priority:  normal   |    Version:
    Component:  Tor      |   Keywords:  tbb-linkability,
  Browser                |  TorBrowserTeam201510
   Resolution:           |  Parent ID:
Actual Points:           |    Sponsor:
       Points:           |

Comment (by arthuredelstein):

 Replying to [comment:3 yawning]:
 > https://bugzilla.mozilla.org/show_bug.cgi?id=322529 has a long rambling
 discussion on this, and no patch.
 > To alleviate tracking concerns the seed needs to be changed.  To make
 the world a better place, the algorithm could be replaced with something
 sensible as well (Just replacing the algorithm is insufficient to prevent
 the bad guys from making an educated guess about the clock, even if the
 algorithm has backtracking resistance).

 Thanks for making this point and for the link. One possibility would be to
 use the `'@mozilla.org/security/random-generator;1'` (which is used to
 implement `window.crypto.getRandomValues()`), either as the seed alone or
 to replace both the seed and the algorithm. I don't know what the
 downsides might be -- perhaps there might be a performance penalty.

 It's interesting to see that Mozilla attempted to prevent cross-site
 tracking when they decided to re-seed the PRNG for each JS context in this
 bug: https://bugzilla.mozilla.org/show_bug.cgi?id=475585

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17244#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tbb-bugs mailing list