[tor-bugs] #17799 [Tor]: Hash All PRNG output before use
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun Dec 20 13:36:34 UTC 2015
#17799: Hash All PRNG output before use
--------------------+------------------------------------
Reporter: teor | Owner:
Type: defect | Status: needs_revision
Priority: Medium | Milestone: Tor: 0.2.8.x-final
Component: Tor | Version: Tor: unspecified
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Sponsor: |
--------------------+------------------------------------
Comment (by yawning):
Replying to [comment:8 nickm]:
> The Keccak sponge function is an invertible permutation, right? If so,
unless I'm crazy or missing something, I don't think their design would
provide backtracking resistance except when new entropy is added. Looks a
teeny bit faster though, but probably not a huge amount.
Indeed, though see 4.3. Compared to the construct you use, the main
difference seemed performance related, I linked the paper mainly for
reference. Rebasing against my take2 branch should be easy, let me know
if it's not and I can fix it further.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17799#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list