Merge remote-tracking branch 'public/feature17694_strongest_027'

author: Nick Mathewson <nickm@torproject.org> 2015-12-10 09:02:10 -0500
committer: Nick Mathewson <nickm@torproject.org> 2015-12-10 09:02:10 -0500
commit: 7186e2a94361e29188ba43837e244683ce7fbf04 (patch)
tree: 7a2812d5dd3d609b575b0667c8974a385a0137f9 /changes
parent: 7e7188cb00d02a52baee1a26b548cd5eebd85ce7 (diff)
parent: 3843c6615c7f62606973fef9068bbb7be58ff243 (diff)
download: tor-7186e2a94361e29188ba43837e244683ce7fbf04.tar.gz
tor-7186e2a94361e29188ba43837e244683ce7fbf04.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/changes/bug17694_strongest b/changes/bug17694_strongest
new file mode 100644
index 0000000000..0a8954a25e
--- /dev/null
+++ b/changes/bug17694_strongest
@@ -0,0 +1,6 @@
+  o Minor features (security):
+    - Never use the system entropy output directly for anything besides
+      seeding the PRNG.  When we want to generate important keys, instead
+      of using system entropy directly, hash it with the PRNG stream.
+      This may help resist certain attacks based on broken OS entropy
+      implementations. Closes part of ticket 17694.
+\ No newline at end of file
author	Nick Mathewson <nickm@torproject.org>	2015-12-10 09:02:10 -0500
committer	Nick Mathewson <nickm@torproject.org>	2015-12-10 09:02:10 -0500
commit	7186e2a94361e29188ba43837e244683ce7fbf04 (patch)
tree	7a2812d5dd3d609b575b0667c8974a385a0137f9 /changes
parent	7e7188cb00d02a52baee1a26b548cd5eebd85ce7 (diff)
parent	3843c6615c7f62606973fef9068bbb7be58ff243 (diff)
download	tor-7186e2a94361e29188ba43837e244683ce7fbf04.tar.gz tor-7186e2a94361e29188ba43837e244683ce7fbf04.zip