Next-gen Tor to use distributed RNG, 55-character addresses The Tor project has cooked up a new way to generate random numbers to help secure its next-generation onion router. Random numbers are essential for secure communications, because they're used to generate encryption keys. If the numbers used to do so are even a little bit predictably random, it's possible to deduce the range …
Network protocols handling clients stopping communicating at unpredictable? How novel. Gosh. No other protocol has to handle that as part of their standard specifications...
More seriously, quite how does it handle having rogue agents be part of the pool providing randomness. What control of the network do you require to influence the random numbers generated?
Good question. Proposal 224 only makes reference to the shared result not being "too influenceable" by an attacker and describes the proposal for a protocol as "somewhat broken". I assume it's the somewhat brokenness that the recent test was aiming to resolve and that the answer will emerge when they write it up.
It all depends on what they do with the randomness from other computers I guess. For instance one of the simplest things they could do is have several computers generate random numbers of the same size and XOR them together. In that scenario, the worst an attacker can do is not help any. Even if they hand you 000000000000000 or the like, combining that with your own number won't make it any worse.
To be more specific:
Entropy is a measurement (well a range~predictability vs uncertainty) typically outlining disorder in communication through mathematical means. It's not the actual disorder.
You're basically saying something odd like, the desert has enough Celcius.
Hardware RNGs that are completely unpredictable are pretty simple and cheap to make (e.g. based on the thermal noise seen in a reverse biased zener diode). It would be pretty trivial to use a bank of hardware RNGs to feed a server that will supply a different random number each time one is requested. These could be set up by various organisations as a public service, much the same as Internet time servers. All a user would then need to do when needing a random number would be to obtain a few numbers from different servers and XOR them all together. That way if only one of the servers gave an unpredictable random number and all the others were compromised, the result would still be unpredictable.
This post has been deleted by its author
"It would be pretty trivial to use a bank of hardware RNGs to feed a server that will supply a different random number each time one is requested."
...which instantly makes hardware RNGs pointless in this context. The whole point of a network like TOR is that there's no 'home', no central hub that can be used as a point of attack.
Either you have to have a central set of hardware RNGs feeding the TOR network (that the authorities could take control of) or each TOR user has to buy a hardware RNG generator to use the network (that authorities could attack at the manufacturer level - and considering they would probably end up being manufacturer in China...).
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
