Re: [tor-bugs] #5968 [Tor]: Improve onion key and TLS management



#5968: Improve onion key and TLS management
-------------------------+--------------------------------------------------
 Reporter:  mikeperry    |          Owner:                    
     Type:  enhancement  |         Status:  new               
 Priority:  major        |      Milestone:  Tor: 0.2.5.x-final
Component:  Tor          |        Version:                    
 Keywords:  tor-relay    |         Parent:  #5456             
   Points:               |   Actualpoints:                    
-------------------------+--------------------------------------------------

Comment(by nickm):

 Replying to [comment:10 mikeperry]:
 > Aha! You only have 3 guards, and Directory Guards means you now only
 > need to make exactly that many TLS connections as a client.
 >
 > This means we could include the TLS hash only in the full descriptor,
 > and clients could then simply fetch the full descriptor for their guards.

 Fetch from whom?  If they get the descriptor from the party they assume is
 their guard, it could be a fake one signed by the adversary (if the
 adversary has compromised the guard's identity key).  If they get it
 directly from some other party, they will be leaking who their guards are,
 *AND* that party could give them a one-off fake one, or an old one, or
 whatever.  (The defense against getting an old/weird descriptor is
 checking its digest against the one listed in the consensus.  But the
 microdescriptor consensus doesn't list descriptor digests.)

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5968#comment:11>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
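
The digest check described in the comment above, as an added example that is not part of the original message and not Tor's own code. It assumes the dir-spec layout in which an ns-flavored consensus "r" line carries the descriptor digest as its fourth field and a microdescriptor-flavored "r" line omits it; the descriptors, identity string and consensus lines are constructed sample data, and signature verification is left out.

```python
import base64
import hashlib
import hmac

def descriptor_digest(descriptor):
    """SHA-1 from 'router ' through the newline after 'router-signature',
    base64-encoded without trailing padding (as listed in a consensus)."""
    marker = "\nrouter-signature\n"
    start = descriptor.index("router ")
    end = descriptor.index(marker) + len(marker)
    raw = hashlib.sha1(descriptor[start:end].encode("ascii")).digest()
    return base64.b64encode(raw).decode("ascii").rstrip("=")

def listed_digest(consensus, identity):
    """Descriptor digest the consensus lists for this relay, or None.
    ns flavor:        r nick identity digest date time ip orport dirport
    microdesc flavor: r nick identity date time ip orport dirport"""
    for line in consensus.splitlines():
        f = line.split(" ")
        if f[0] == "r" and len(f) >= 8 and f[2] == identity:
            return f[3] if len(f) == 9 else None
    return None

def check_descriptor(descriptor, consensus, identity):
    """'ok', 'mismatch' (old or one-off descriptor), or 'unverifiable'."""
    want = listed_digest(consensus, identity)
    if want is None:
        return "unverifiable"  # nothing in the consensus to compare against
    got = descriptor_digest(descriptor)
    return "ok" if hmac.compare_digest(want, got) else "mismatch"

# --- constructed sample data (not real relay material) ---
IDENTITY = "A" * 27  # placeholder for a base64 identity fingerprint
SIG = "router-signature\n-----BEGIN SIGNATURE-----\n(placeholder)\n-----END SIGNATURE-----\n"
CURRENT_DESC = ("router ExampleGuard 192.0.2.10 9001 0 0\n"
                "published 2012-06-01 00:00:00\n" + SIG)
OLD_DESC = ("router ExampleGuard 192.0.2.10 9001 0 0\n"
            "published 2012-05-01 00:00:00\n" + SIG)
NS_CONSENSUS = ("r ExampleGuard %s %s 2012-06-01 00:00:00 192.0.2.10 9001 0\n"
                "s Fast Guard Running Valid\n"
                % (IDENTITY, descriptor_digest(CURRENT_DESC)))
MD_CONSENSUS = ("r ExampleGuard %s 2012-06-01 00:00:00 192.0.2.10 9001 0\n"
                "m (placeholder-microdescriptor-digest)\n" % IDENTITY)

if __name__ == "__main__":
    for name, desc, cons in [("current vs ns", CURRENT_DESC, NS_CONSENSUS),
                             ("old vs ns", OLD_DESC, NS_CONSENSUS),
                             ("current vs microdesc", CURRENT_DESC, MD_CONSENSUS)]:
        print(name, "->", check_descriptor(desc, cons, IDENTITY))
```

The third case is the gap the comment points at: with only a microdescriptor consensus, a client has no listed digest against which to reject a substituted or stale full descriptor.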