[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #5968 [Tor]: Improve onion key and TLS management



#5968: Improve onion key and TLS management
-------------------------+--------------------------------------------------
 Reporter:  mikeperry    |          Owner:                    
     Type:  enhancement  |         Status:  new               
 Priority:  major        |      Milestone:  Tor: 0.2.5.x-final
Component:  Tor          |        Version:                    
 Keywords:  tor-relay    |         Parent:  #5456             
   Points:               |   Actualpoints:                    
-------------------------+--------------------------------------------------

Comment(by mikeperry):

 Replying to [comment:11 nickm]:
 > Replying to [comment:10 mikeperry]:
 > > Aha! You only have 3 guards, and Directory Guards means you now only
 need to make exactly that many TLS connections as a client.
 > >
 > > This means we could include the TLS hash only in the full descriptor,
 and clients could then simply fetch the full descriptor for their guards.
 >
 > Fetch from whom?  If they get the descriptor from the party they assume
 is their guard, it could be a fake one signed by the adversary (if the
 adversary has compromised the guard's identity key).  If they get it
 directly from some other party, they will be leaking who their guards are,
 *AND* that party could give them a one-off fake one, or an old one, or
 whatever.  (The defense against getting an old/weird descriptor is
 checking its digest against the one listed in the consensus.  But the
 microdescriptor consensus doesn't list descriptor digests.)

 Oh damnit. I did not realize that clients stopped downloading the full
 consensus in favor of the microdesc-only one. Moreover, I also didn't know
 the microdescriptors in no way authenticated full descriptors. That sucks.

 I guess we're back to deciding if the overhead is worth it for this or
 not? Looks like it comes out to about 3% overhead for including a 256bit
 hash for each relay in the current cached-microdescs file.,,

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5968#comment:12>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs