Use a more randomized hash function for our hash tables
|Reported by:||nickm||Owned by:|
|Severity:||Keywords:||security, tor-relay, tor-dos, 2016-bug-retrospective|
(This is NOT about using a new cryptographic hashing algorithm.)
There's been some good work recently  about the class of DOS attacks where you know the hash algorithm that's going to be used for putting data into a hash table, so you provide a whole bunch of known-to-collide inputs so that the hashtable operations will become O(N) rather than O(1).
To avoid this class of attacks, we ought to have some sort of a per-run random tweak on the data-hashing functions we use for our hash tables.
Change History (19)
comment:4 Changed 5 years ago by asn
- Milestone changed from Tor: 0.2.3.x-final to Tor: 0.2.4.x-final
comment:10 Changed 4 years ago by nickm
- Milestone changed from Tor: 0.2.4.x-final to Tor: 0.2.5.x-final
- Priority changed from normal to major
- Type changed from defect to enhancement
comment:15 Changed 3 years ago by nickm
- Resolution set to implemented
- Status changed from needs_review to closed