[tor-talk] key generation on first boot with low entropy

Nick Mathewson nickm at alum.mit.edu
Mon Jan 20 17:35:45 UTC 2014


On Wed, Jan 15, 2014 at 6:33 AM, Gerardus Hendricks
<konfkukor at riseup.net> wrote:
> On 1/14/14 7:39 PM, anarcat wrote:
>> How does tor generate its private key? Does it use /dev/random? Is there
>> an issue with bootstrapping a new tor node straight from the first
>> install, when entropy is potentially low?


If you're worried about the particular scenario where you've got a
device --especially a diskless device -- that has never been booted
before, one option is to have the script you use to start Tor check
whether an identity key has been created.  If it hasn't, it should try
to read a byte from /dev/random before it starts Tor, and block until
it actually can read that byte.

This is an ugly hack, of course!  I'd much prefer if kernels
everywhere would have /dev/urandom block in the case when there has
never been enough entropy in /dev/urandom.

I've added a ticket
(https://trac.torproject.org/projects/tor/ticket/10676) for better
workarounds for this.

-- 
Nick


More information about the tor-talk mailing list