#23061: crypto_rand_double() should produce all possible outputs on platforms 
32-bit int
 Reporter:  teor                                 |          Owner:  nickm
     Type:  defect                               |         Status:
                                                 |  needs_revision
 Priority:  Medium                               |      Milestone:  Tor:
                                                 |  0.3.2.x-final
Component:  Core Tor/Tor                         |        Version:  Tor:
 Severity:  Normal                               |     Resolution:
 Keywords:  tor-relay, security-low, privcount,  |  Actual Points:  0.5
  031-backport, 030-backport, 029-backport, 028  |
  -backport-maybe, 027-backport-maybe, 026       |
  -backport-maybe                                |
Parent ID:                                       |         Points:  0.1
 Reviewer:                                       |        Sponsor:
                                                 |  SponsorQ

Comment (by teor):

 I think one way we could choose between our goals is to look at how the
 function is used (and could be used for privcount-in-tor's guassians, and
 could be used in other places where we synthesise a random double using a
 similar method).

 For example, if we used the naïve algorithm that divides [0, UINT64_MAX]
 by (UINT64_MAX+1), I think we get a pattern like:
 0, 1/2^64^, 2/2^64^, 3/2^64^, ... , 2^53^/2^64, 2^53^/2^64,
 (2^53^+2)/2^64, ... , (2^64^ - 2^11^ - 2^10^)/2^64^ (~2^11^ times), 1.0
 (~2^10^ times)
 due to representation limits (the details would vary depending on the
 rounding mode and possibly the hardware).

 I wonder if this satisfies the requirements for our random noise
 distributions (which is where we mainly use this function) after being
 passed through the laplace and guassian transforms.

 We should document their range and granularity in a similar level of
 detail, too.

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23061#comment:16>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
tor-bugs mailing list

Reply via email to