[tor-bugs] #10676 [Tor]: Verify urandom-style RNG is seeded before generating ID keys
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Feb 21 12:24:36 UTC 2014
#10676: Verify urandom-style RNG is seeded before generating ID keys
-----------------------------+--------------------------------------------
Reporter: nickm | Owner:
Type: enhancement | Status: needs_review
Priority: major | Milestone: Tor: 0.2.5.x-final
Component: Tor | Version:
Resolution: | Keywords: tor-server rng urandom startup
Actual Points: | Parent ID:
Points: |
-----------------------------+--------------------------------------------
Comment (by user101):
I think this relates to cypherpunks' comment above and I don't have any
references of my own handy, but it is not sufficient for /dev/random to
*think* it has or has had entropy. It has been shown that the "entropy"
generated at bootup by many small, diskless devices such as consumer
grade "wireless routers" will tend to be similar between identical units,
likely contributing to the problems noted in the factorable.net link in
cypherpunks' post. This is related to, but not identical with, the problems
noted in the Linux man page for /dev/random leading to the recommendation
to carry entropy over across boots. So somehow on these "limited entropy
devices" you need to wait long enough for *real* entropy to be generated
that will be sufficiently different from the "entropy" generated on other
like devices. /dev/random will *think* it has entropy long before this.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10676#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
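
The comment above refers to the Linux random(4) man page recommendation to carry entropy over across boots. A sketch of that procedure follows; it is an added example, not part of the ticket or of Tor's code. The function names, the 512-byte seed size and the file paths are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the ticket): carry RNG seed material across boots,
# following the procedure described in the Linux random(4) man page.
# Paths are parameters so the functions can be exercised on ordinary files.

SEED_BYTES=512   # assumed seed size in bytes, chosen for this example

# save_seed SEED_FILE POOL_DEV
# Run at shutdown, and again right after a restore: write fresh pool
# output to the seed file, atomically and readable by the owner only.
save_seed() {
    seed_file=$1
    pool_dev=$2
    tmp="$seed_file.tmp"
    ( umask 077
      dd if="$pool_dev" of="$tmp" bs="$SEED_BYTES" count=1 2>/dev/null ) || return 1
    # Reject a short read instead of keeping a weak seed.
    [ "$(wc -c < "$tmp")" -eq "$SEED_BYTES" ] || { rm -f "$tmp"; return 1; }
    mv -f "$tmp" "$seed_file"
}

# restore_seed SEED_FILE POOL_DEV
# Run at boot. Returns 0 when a seed was mixed in, 2 when there is none,
# 1 on I/O error.
restore_seed() {
    seed_file=$1
    pool_dev=$2
    if [ ! -s "$seed_file" ]; then
        # First boot or wiped flash: nothing to carry over. This is the
        # situation the comment describes, where identical units start
        # from near-identical state, so the caller should not generate
        # long-term keys yet.
        return 2
    fi
    # Writing to the device mixes the bytes into the pool; the kernel does
    # not credit them as entropy, so its own estimate is unchanged.
    cat "$seed_file" > "$pool_dev" || return 1
    # Replace the seed at once so a crash cannot replay the same one.
    save_seed "$seed_file" "$pool_dev"
}

# Typical use (hypothetical path):
#   boot:     restore_seed /var/lib/example/random-seed /dev/urandom
#   shutdown: save_seed    /var/lib/example/random-seed /dev/urandom
```

A return status of 2 from restore_seed marks a boot with no carried-over state, which is when a relay would want to defer identity key generation.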