Opened 5 years ago

Last modified 2 years ago

#13697 new enhancement

Carry entropy across invocations

Reported by: nickm
Owned by:
Priority: Medium
Milestone: Tor: unspecified
Component: Core Tor/Tor
Version:
Severity: Normal
Keywords: tor-relay rng security
Cc:
Actual Points:
Parent ID:
Points:
Reviewer:
Sponsor:

Description

When Tor starts, after seeding the CSPRNG, we should save some of its output to an "entropy" file. On later invocations, we should reseed from that file in addition to seeding from the OS, and then replace it with new CSPRNG output.

This is silly voodoo that might help us out if we're ever in a position where the OS has previously been well seeded but later is not. It can't make things worse, so long as RAND_add() is additive.

It's deferrable; #13696 is more important, assuming a non-broken OS.
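
The scheme described in this ticket, sketched as an added example (not Tor's code and not part of the ticket): HMAC-SHA256 stands in for mixing into the CSPRNG with RAND_add(), and the function names, file size and labels are assumptions. The file is replaced before the working seed is returned, so a saved value is never consumed by two runs.

```python
import hashlib, hmac, os, tempfile

SEED_LEN = 32  # bytes stored in the entropy file (assumed size)

def read_saved(path):
    """Return the carried-over seed, or b"" if the file is missing or unreadable."""
    try:
        with open(path, "rb") as f:
            return f.read(4 * SEED_LEN)  # bounded read: file content is untrusted
    except OSError:
        return b""

def write_atomic(path, data):
    """Write via temp file + rename so a crash never leaves a partial seed."""
    directory = os.path.dirname(os.path.abspath(path))
    fd, tmp = tempfile.mkstemp(dir=directory)  # mkstemp creates it owner-only
    try:
        with os.fdopen(fd, "wb") as f:
            f.write(data)
            f.flush()
            os.fsync(f.fileno())
        os.replace(tmp, path)
    except BaseException:
        os.unlink(tmp)
        raise

def startup_seed(path, os_entropy=None):
    """Mix OS entropy with the saved file, replace the file, return a working seed."""
    os_rand = os.urandom(SEED_LEN) if os_entropy is None else os_entropy
    saved = read_saved(path)
    # Additive mix: the pool depends on both inputs, so a known or empty
    # file cannot weaken a good OS seed, and a secret file helps a weak one.
    pool = hmac.new(os_rand, b"carry-v1" + saved, hashlib.sha256).digest()
    # Domain-separated outputs: the value written to disk is never the
    # value handed to the running process.
    working = hmac.new(pool, b"working-seed", hashlib.sha256).digest()
    next_file = hmac.new(pool, b"next-file", hashlib.sha256).digest()
    write_atomic(path, next_file)  # replace before use: no seed is read twice
    return working

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "entropy")
        print(startup_seed(path).hex())           # first run: no file yet
        stuck = b"\x00" * SEED_LEN                # constructed "unseeded OS" input
        print(startup_seed(path, stuck).hex())    # differs from the next line
        print(startup_seed(path, stuck).hex())
```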

Change History (6)

comment:1 Changed 5 years ago by nickm

Milestone: changed from Tor: 0.2.6.x-final to Tor: 0.2.???

comment:2 Changed 3 years ago by teor

Milestone: changed from Tor: 0.2.??? to Tor: 0.3.???

Milestone renamed

comment:3 Changed 3 years ago by nickm

Keywords: tor-03-unspecified-201612 added
Milestone: changed from Tor: 0.3.??? to Tor: unspecified

Finally admitting that 0.3.??? was a euphemism for Tor: unspecified all along.

comment:4 Changed 2 years ago by nickm

Keywords: tor-03-unspecified-201612 removed

Remove an old triaging keyword.

comment:5 Changed 2 years ago by nickm

Keywords: 026-deferrable removed

comment:6 Changed 2 years ago by nickm

Keywords: tor-relay rng security added
Severity: Normal