The Tor project has cooked up a new way to generate random numbers to help secure its next-generation onion router.

Random numbers are essential for secure communications, because they're used to generate encryption keys. If the numbers used to do so are even a little bit predictably random, it's possible to deduce the range of keys they'll produce and then crack crypto.

The need for good random numbers is old news for the Tor project, which is why it's devised a way to have “multiple computers collaborate and generate a single random number in a way that nobody could have predicted in advance (not even themselves).” Tor thinks this is the first such distributed RNG to run over the Internet.

This scheme was tested last week on an 11-node Tor network that the project says ran for a week and “allowed us to test scenarios that could make the protocol burp and fail in unpredictable ways.”

“For example, we instructed our testing Tor nodes to abort at crucial protocol moments, and come back in the worst time possible ways, just to stress test the system. We had our nodes run ancient Tor versions, perform random chaotic behaviors, disappear and never come back, etc.”

Things went sufficiently well that that the project's people have “confirmed that our system can survive network failures that can happen on the real Internet.”

The randomness protocol isn't finished, because the project's contributors thinks it can be improved. But the system is expected to make it into the next version of Tor, along with 55-character-long addresses (up from 16). The full spec for next-generation Tor is detailed in Proposal 224. ®