[tor-bugs] #23061 [Core Tor/Tor]: crypto_rand_double() should produce all possible outputs on platforms with 32-bit int
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Aug 7 03:19:41 UTC 2017
#23061: crypto_rand_double() should produce all possible outputs on platforms with
32-bit int
-------------------------------------------------+-------------------------
Reporter: teor | Owner: nickm
Type: defect | Status:
| needs_revision
Priority: Medium | Milestone: Tor:
| 0.3.2.x-final
Component: Core Tor/Tor | Version: Tor:
| 0.2.2.14-alpha
Severity: Normal | Resolution:
Keywords: tor-relay, security-low, privcount, | Actual Points: 0.5
031-backport, 030-backport, 029-backport, 028 |
-backport-maybe, 027-backport-maybe, 026 |
-backport-maybe |
Parent ID: | Points: 0.1
Reviewer: | Sponsor:
| SponsorQ
-------------------------------------------------+-------------------------
Comment (by teor):
I think one way we could choose between our goals is to look at how the
function is used (and could be used for privcount-in-tor's guassians, and
could be used in other places where we synthesise a random double using a
similar method).
For example, if we used the naïve algorithm that divides [0, UINT64_MAX]
by (UINT64_MAX+1), I think we get a pattern like:
0, 1/2^64^, 2/2^64^, 3/2^64^, ... , 2^53^/2^64, 2^53^/2^64,
(2^53^+2)/2^64, ... , (2^64^ - 2^11^ - 2^10^)/2^64^ (~2^11^ times), 1.0
(~2^10^ times)
due to representation limits (the details would vary depending on the
rounding mode and possibly the hardware).
I wonder if this satisfies the requirements for our random noise
distributions (which is where we mainly use this function) after being
passed through the laplace and guassian transforms.
We should document their range and granularity in a similar level of
detail, too.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23061#comment:16>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list