[tor-bugs] #17694 [Tor]: Hash PRNG output before use, so that it's not revealed to the network
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Nov 26 11:48:58 UTC 2015
#17694: Hash PRNG output before use, so that it's not revealed to the network
-------------------------+------------------------------------
Reporter: teor | Owner:
Type: enhancement | Status: needs_review
Priority: Medium | Milestone: Tor: 0.2.8.x-final
Component: Tor | Version: Tor: unspecified
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Sponsor: |
-------------------------+------------------------------------
Changes (by teor):
* status: new => needs_review
Comment:
Since I'd written the code already, I updated my rand-hash-v2 branch based
on bug17686_v2_027 in #17686. See https://github.com/teir2345/tor.git
It contains the modifications to crypto_rand, and new benchmarks comparing
crypto_rand (hashed PRNG output) with crypto_rand_raw (PRNG output).
While I don't think PRNG performance is critical-path, on typical random
data requests, random performance increases up to 48% at smaller sizes (4
bytes) due to the hash output buffer, and performance decreases up to 27%
at larger sizes (32 bytes).
If we do choose to go ahead with this, we should run the unit tests on
both crypto_rand_raw and crypto_rand. I can update the existing unit tests
to do that, and I'd like to include the unit tests in #17697 as well. But
I'll wait until we decide we want this change.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17694#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list