[tor-bugs] #17799 [Tor]: Hash All PRNG output before use
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Dec 10 03:17:47 UTC 2015
#17799: Hash All PRNG output before use
------------------------+--------------------------------
Reporter: teor | Owner:
Type: defect | Status: new
Priority: Medium | Milestone: Tor: 0.2.8.x-final
Component: Tor | Version: Tor: unspecified
Severity: Normal | Keywords:
Actual Points: | Parent ID:
Points: | Sponsor:
------------------------+--------------------------------
#17694 hashes important PRNG output with some system randomness before
use, so that observed PRNG outputs are resistant to PRNG state analysis.
But almost all of Tor's use of PRNG outputs is observable from one or more
locations outside Tor, whether in salts or nonces sent to other machines
on the wire, or in the random choices made in guard, directory, and path
selection.
We could hash all of the bytes coming from the PRNG to avoid this state
exposure. (Although we might not need to use the system randomness source
each time.)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17799>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list