[tor-bugs] #23414 [Core Tor/Tor]: rep_hist_format_hs_stats() should add noise, then round

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Sep 15 06:34:49 UTC 2017

#23414: rep_hist_format_hs_stats() should add noise, then round
 Reporter:  teor                                 |          Owner:  teor
     Type:  defect                               |         Status:  needs_review
 Priority:  Medium                               |      Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor                         |        Version:  Tor:
 Severity:  Normal                               |     Resolution:
 Keywords:  tor-relay, security-low, privcount,  |  Actual Points:  1.0
  031-backport, 030-backport, 029-backport,      |
  028-backport                                   |
Parent ID:  #23061                               |         Points:  0.5
 Reviewer:                                       |        Sponsor:

Changes (by teor):

 * status:  needs_revision => needs_review
 * actualpoints:   => 1.0


 See my branches bug23414-029 and bug23414-028, which are security-low
 because the current code leaks the low bits of the noise. (And it biases
 the result upwards by an average of the bin size divided by 2, because it
 rounds first, then adds noise.)

 bug23414-028 has the following changes:
 * the context is different due to #19130 going into 0.2.9 (but we replace
 the code from 0.2.8 and 0.2.9 with the same code)
 * there's no BUG macro in 0.2.8
 * the existing unit tests for round_int64_to_next_multiple_of() were based
 on the old implementation, which had the same upwards bias as the 0.2.9
 implementation, due to the rounding function itself, rather than the order
 of operations

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23414#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
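
The two orderings discussed in this ticket, as an added C example that is not Tor's code and not taken from the bug23414 branches. The helper names, the bin size of 8, the round-to-nearest rule and the noise values are assumptions constructed for illustration; the example shows that rounding first leaves the noise's residue modulo the bin size visible in the published value, while adding noise first publishes only multiples of the bin.

```c
#include <stdint.h>
#include <stdio.h>

#define BIN 8 /* constructed bin size for the demo, not a Tor constant */

/* Round non-negative v up to the next multiple of bin. */
static int64_t round_up_multiple(int64_t v, int64_t bin) {
  return ((v + bin - 1) / bin) * bin;
}

/* Round v to the nearest multiple of bin, ties away from zero (assumed rule). */
static int64_t round_nearest_multiple(int64_t v, int64_t bin) {
  int64_t q = ((v < 0 ? -v : v) + bin / 2) / bin;
  return (v < 0 ? -q : q) * bin;
}

/* Order the ticket reports as leaking: round first, then add noise. */
static int64_t round_then_noise(int64_t count, int64_t noise) {
  return round_up_multiple(count, BIN) + noise;
}

/* Order the ticket title asks for: add noise, then round. */
static int64_t noise_then_round(int64_t count, int64_t noise) {
  return round_nearest_multiple(count + noise, BIN);
}

/* Residue of v modulo bin, normalised to [0, bin). */
static int64_t low_bits(int64_t v, int64_t bin) {
  return ((v % bin) + bin) % bin;
}

/* Summed rounding error over one full bin of counts, with no noise added. */
static int64_t bias_sum(int64_t (*rnd)(int64_t, int64_t)) {
  int64_t sum = 0;
  for (int64_t c = 0; c < BIN; c++)
    sum += rnd(c, BIN) - c;
  return sum;
}

int main(void) {
  const int64_t noise[] = { 13, -5, 42, -27 }; /* constructed samples */
  for (int i = 0; i < 4; i++)
    printf("noise=%lld leaked=%lld fixed=%lld\n", (long long)noise[i],
           (long long)low_bits(round_then_noise(1000 + i, noise[i]), BIN),
           (long long)low_bits(noise_then_round(1000 + i, noise[i]), BIN));
  printf("bias sums: up=%lld nearest=%lld\n",
         (long long)bias_sum(round_up_multiple),
         (long long)bias_sum(round_nearest_multiple));
  return 0;
}
```

Over one bin of eight counts, the round-up helper's summed error is 28 (a mean of 3.5, roughly half the bin), against 4 for round-to-nearest.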
