Rob Jansen
We decided that we want to at the very least double check that the preloaded cipher functions are getting intercepted on the specific machine that was used to run this...
I ran a 10% Tor network with shadow/shadow@154a11d8bc2a84eb09f884cf27d5186b0890ec2b with and without the following code (taken from shadow-tor-preload) preloaded into the managed processes: ```c /* * The Shadow Simulator * Copyright...
We found some additional functions to add: - `CRYPTO_ctr128_encrypt` - `CRYPTO_ctr128_encrypt_ctr32` We found that when adding these functions, the counts for `CRYPTO_ctr128_encrypt_ctr32` increase and the counts for `EVP_Cipher` go to...
Adding the new functions to the preload lib still resulted in positive interception counts only for `EVP_Cipher`: ``` { 'AES_encrypt': 0, 'AES_decrypt': 0, 'AES_ctr128_encrypt': 0, 'CRYPTO_ctr128_encrypt': 0, 'CRYPTO_ctr128_encrypt_ctr32': 0, 'EVP_Cipher':...
The performance change is no longer significant enough to warrant the complexity of building custom libevent and openssl libraries, at least not by default. If we find that the overhead...
We realized that skipping crypto ops may still be useful in some environments, particularly on older CPUs that do not support AES-NI crypto optimizations. We plan to test the effect...
The current approach to skip AES was to intercept the crypto cipher function. In Tor, this turns out to be `CRYPTO_ctr128_encrypt_ctr32`. However, this function is not called directly from Tor...
> maybe the default for "amount of time to move forward" should be 0, so that it is something the user would explicitly opt into to work around a spin...
A distributed logging framework seems a bit too heavyweight for this use case imo.
Hmm the anchoring seems like it could be useful though, even if not for our tornettools workflows. We ought to document that this is possible, maybe in one of the...