[tor-bugs] #10402 [Tor]: Force disable use of RDRAND in OpenSSL when HardwareAccel is enabled
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sat Dec 14 18:18:21 UTC 2013
#10402: Force disable use of RDRAND in OpenSSL when HardwareAccel is enabled
------------------------+-----------------
Reporter: anon | Owner:
Type: defect | Status: new
Priority: major | Milestone:
Component: Tor | Version:
Resolution: | Keywords:
Actual Points: | Parent ID:
Points: |
------------------------+-----------------
Comment (by anon):
One last note: the OS kernel will likely use RDRAND to keep /dev/random
populated. This is a Good Thing (TM) as long as you make sure you're
using a recent kernel that integrates RDRAND properly, e.g.:
1. Mix RDRAND into a hash across the pool, not XOR'd against output
2. Mix the mix back into pool (prevent backtrack attacks)
3. Atomically extract portion of pool and mix
4. Fold final extracted output in half for conservative operation
See
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/drivers/char/random.c#n1038
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10402#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list