Next-gen Tor to use distributed RNG, 55-character addresses

The Tor project has cooked up a new way to generate random numbers to help secure its next-generation onion router. Random numbers are essential for secure communications, because they're used to generate encryption keys. If the numbers used to do so are even a little bit predictably random, it's possible to deduce the range …

  1. Lee D

    Network protocols handling clients stopping communicating at unpredictable? How novel. Gosh. No other protocol has to handle that as part of their standard specifications...

    More seriously, quite how does it handle having rogue agents be part of the pool providing randomness. What control of the network do you require to influence the random numbers generated?

    1. Pseudonymous Diehard

      @Lee D

      Umm...what?

    2. Warm Braw Silver badge

      Good question. Proposal 224 only makes reference to the shared result not being "too influenceable" by an attacker and describes the proposal for a protocol as "somewhat broken". I assume it's the somewhat brokenness that the recent test was aiming to resolve and that the answer will emerge when they write it up.

    3. Old Handle

      It all depends on what they do with the randomness from other computers I guess. For instance one of the simplest things they could do is have several computers generate random numbers of the same size and XOR them together. In that scenario, the worst an attacker can do is not help any. Even if they hand you 000000000000000 or the like, combining that with your own number won't make it any worse.

  2. Pseudonymous Diehard

    and now for something completely random

    Why are we still trying to create entropy when there is plenty of entropy in the universe?

    1. Fading

      Re: and now for something completely random

      Agreed all they need to do is wire it up to some Brownian motion source. May I suggest a nice hot cup of tea?

      1. Chemical Bob

        Re: Brownian motion source

        "May I suggest a nice hot cup of tea?"

        Earl Grey, Darjeeling or Green?

    2. Keith Glass

      Re: and now for something completely random

      You're obviously new to the Interwebz. We're **ALWAYS** looking for more ways to increase entropy.

      In fact, there's an entire field devoted to it. We call it "management". . . .

      (evil grin)

    3. DropBear

      Re: and now for something completely random

      Because we have a "...but we can fix it purely in software...!" fetish.

    4. Aodhhan

      Re: and now for something completely random

      This makes no sense. Entropy is an expected value of information. Not the information itself.

      It's cute you're trying to use words though. :)

      1. Aodhhan

        Re: and now for something completely random

        To be more specific:

        Entropy is a measurement (well a range~predictability vs uncertainty) typically outlining disorder in communication through mathematical means. It's not the actual disorder.

        You're basically saying something odd like, the desert has enough Celsius.

        1. Fading

          Re: and now for something completely random

          Funnily enough there is more than one definition of entropy.

  3. Cynic_999

    RNG as an Internet service?

    Hardware RNGs that are completely unpredictable are pretty simple and cheap to make (e.g. based on the thermal noise seen in a reverse biased zener diode). It would be pretty trivial to use a bank of hardware RNGs to feed a server that will supply a different random number each time one is requested. These could be set up by various organisations as a public service, much the same as Internet time servers. All a user would then need to do when needing a random number would be to obtain a few numbers from different servers and XOR them all together. That way if only one of the servers gave an unpredictable random number and all the others were compromised, the result would still be unpredictable.

    1. This post has been deleted by its author

    2. saywhatagain

      Re: RNG as an Internet service?

      Because what we really need is the most fundamental aspect of encryption entrusted to a third party, and which public organisations are you planning on entrusting all of your encryption to?

    3. /\/\j17

      Re: RNG as an Internet service?

      "It would be pretty trivial to use a bank of hardware RNGs to feed a server that will supply a different random number each time one is requested."

      ...which instantly makes hardware RNGs pointless in this context. The whole point of a network like TOR is that there's no 'home', no central hub that can be used as a point of attack.

      Either you have to have a central set of hardware RNGs feeding the TOR network (that the authorities could take control of) or each TOR user has to buy a hardware RNG generator to use the network (that authorities could attack at the manufacturer level - and considering they would probably end up being manufactured in China...).
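The XOR combination described in Old Handle's and Cynic_999's comments, as an added example that is not part of the thread or of the Tor project's code. It goes beyond the comments by showing that the "one honest source is enough" property holds only when each contribution is fixed before the others are seen; the SHA-256 commitment step and all function names are assumptions made for illustration.

```python
import hashlib
import secrets

def xor_combine(values):
    """XOR equal-length byte strings together."""
    out = bytes(len(values[0]))
    for v in values:
        if len(v) != len(out):
            raise ValueError("contributions must be the same length")
        out = bytes(a ^ b for a, b in zip(out, v))
    return out

def commit(value):
    """Hash published by a contributor before anyone reveals a value."""
    return hashlib.sha256(value).digest()

def combine_with_commitments(commitments, reveals):
    """XOR the reveals, rejecting any that differ from their commitment."""
    for c, r in zip(commitments, reveals):
        if not secrets.compare_digest(c, commit(r)):
            raise ValueError("reveal does not match commitment")
    return xor_combine(reveals)

def demo_fixed_input_is_harmless():
    honest = secrets.token_bytes(16)
    # The all-zero contribution from the comment leaves the honest value intact.
    return xor_combine([honest, bytes(16)]) == honest

def demo_late_contributor_forces_output(target):
    # Caveat: if values are sent in the clear one after another, whoever goes
    # last can cancel the earlier ones, so the result is no longer random.
    honest = [secrets.token_bytes(16) for _ in range(3)]
    late = xor_combine(honest + [target])
    return xor_combine(honest + [late])

def demo_commitments_block_late_choice(target):
    honest = [secrets.token_bytes(16) for _ in range(3)]
    early = secrets.token_bytes(16)  # had to be committed before seeing others
    commitments = [commit(v) for v in honest + [early]]
    late = xor_combine(honest + [target])  # value chosen after the fact
    try:
        combine_with_commitments(commitments, honest + [late])
    except ValueError:
        return "rejected"
    return "accepted"

if __name__ == "__main__":
    print(demo_fixed_input_is_harmless())
    print(demo_late_contributor_forces_output(bytes(16)).hex())
    print(demo_commitments_block_late_choice(bytes(16)))
```

A commitment scheme still has to decide what happens when a contributor commits and then refuses to reveal; this sketch does not cover that case.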
