
Re: TLS Man-In-The-Middle Vulnerability



     On Mon, 23 Nov 2009 05:21:41 +0100 Erwin Lam <erwinlam@xxxxxx> wrote:
>On Monday 23 November 2009 03:29:14 Scott Bennett wrote:
>>      On Sun, 22 Nov 2009 23:47:36 +0100 Erwin Lam <erwinlam@xxxxxx> wrote:
>> >On Thursday 12 November 2009 03:15:20 Nick Mathewson wrote:
>> >> On Wed, Nov 11, 2009 at 12:59:21PM -0500, Andrew S. Lists wrote:
>> >> > On 11/05/09 15:52, Nick Mathewson wrote:
>> >> > > On Thu, Nov 05, 2009 at 02:10:00PM -0500, Marcus Griep wrote:
>> >> > >> Don't know if any one else has seen or taken a look at this.
>> >> > >> I don't know if this affects Tor, though I believe that we do
>> >> > >> use certificate renegotiation in the protocol, and that is
>> >> > >> the entry vector for this particular vulnerability:
>> >> > >
>> >> > > FWIW, this doesn't affect Tor.  The problem here is not
>> >> > > renegotiation per se; the problem is doing renegotiation, then
>> >> > > acting as though data sent _before_ the renegotiation were
>> >> > > authenticated with the renegotiated credentials.
>> >> > >
>> >> > > The Tor protocol isn't vulnerable here because 1) it doesn't
>> >> > > allow data to be sent before the renegotiation step, and 2) it
>> >> > > doesn't treat a renegotiation as authenticating previously
>> >> > > exchanged data (because there isn't any).
>> >> >
>> >> > The vulnerability itself might not affect Tor, but the OpenSSL
>> >> > workaround for this vulnerability of disabling renegotiation by
>> >> > default in 0.9.8l [1] might not play nice with a Tor
>> >> > implementation.
>> >>
>> >>
>> >> Indeed it will not.  We have a fix in svn to make the 0.2.1.x and
>> >> 0.2.2.x-alpha series both work correctly with OpenSSL 0.9.8l. 
>> >> With any luck, we should get releases out before too long.
>> >
>> >Hi Nick,
>> >
>> >Would you mind releasing that updated version a.s.a.p.? Tor doesn't
>> > work here at all anymore.
>> 
>>      You must be just a tad behind in your reading.  The announcement
>>  has already been posted.  Just go to the tor download page, and get
>>  it.
>
>Well, I am running Tor v0.2.1.20, which is the most recent version, on openSUSE 11.2 (x86_64). This is what I see in the log:
>
>Nov 23 05:07:29.317 [notice] Tor 0.2.1.20 opening log file.
>Nov 23 05:07:29.352 [notice] Parsing GEOIP file.
>Nov 23 05:07:30.212 [notice] No current certificate known for authority urras; launching request.
>Nov 23 05:07:30.212 [notice] Bootstrapped 5%: Connecting to directory server.
>Nov 23 05:07:30.268 [notice] I learned some more directory information, but not enough to build a circuit: We have no network-status consensus.
>Nov 23 05:07:30.269 [notice] No current certificate known for authority urras; launching request.
>Nov 23 05:07:30.293 [notice] Bootstrapped 10%: Finishing handshake with directory server.
>Nov 23 05:07:30.363 [warn] TLS error: unexpected close while renegotiating
>Nov 23 05:07:30.421 [warn] TLS error: unexpected close while renegotiating
>Nov 23 05:07:30.866 [warn] TLS error: unexpected close while renegotiating
>Nov 23 05:08:31.090 [notice] No current certificate known for authority urras; launching request.
>Nov 23 05:08:31.182 [warn] TLS error: unexpected close while renegotiating
>Nov 23 05:08:31.446 [warn] TLS error: unexpected close while renegotiating
>Nov 23 05:13:36.219 [notice] No current certificate known for authority urras; launching request.
>Nov 23 05:13:36.344 [warn] TLS error: unexpected close while renegotiating
>Nov 23 05:13:36.752 [warn] TLS error: unexpected close while renegotiating
>
>Connection through tor is not possible.
>
>RPM packages:
>
>tor-0.2.1.20-1.pm.1.1.x86_64

     Try 0.2.2.6-alpha.  I'm running 0.2.2.5-alpha with no problems.

>openssl-0.9.8k-3.5.3.x86_64
>
     You should probably also update openssl to 0.9.8l before building tor.


                                  Scott Bennett, Comm. ASMELG, CFIAG
**********************************************************************
* Internet:       bennett at cs.niu.edu                              *
*--------------------------------------------------------------------*
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *
**********************************************************************
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/
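Nick's explanation above gives the two properties that keep Tor clear of the renegotiation flaw: no application data before the authenticating handshake, and no retroactive re-labelling of earlier bytes. The following toy model is an added example, not code from the thread or from Tor; the epoch tagging, the peer names and the record contents are constructed to show the flawed and the safe attribution side by side.

```python
# Added example, not code from the thread or from Tor: a toy model of the
# renegotiation flaw described above. Each application-data record is tagged
# with the TLS epoch (handshake generation) it arrived under and with the
# peer identity that epoch authenticated. The flawed policy credits the whole
# buffer to the latest identity; the safe policy encodes Nick's two properties.
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

@dataclass(frozen=True)
class Record:
    epoch: int            # 0 = initial handshake, 1 = after first renegotiation, ...
    peer: Optional[str]   # identity authenticated for that epoch; None = anonymous
    data: bytes

def flawed_attribution(records: List[Record]) -> Tuple[Optional[str], bytes]:
    """Vulnerable pattern: bytes received before the renegotiation are treated
    as if the renegotiated credentials had authenticated them."""
    latest = max(records, key=lambda r: r.epoch)
    return latest.peer, b"".join(r.data for r in records)

def tor_style_attribution(records: List[Record]) -> Optional[Dict[int, Tuple[str, bytes]]]:
    """Safe pattern. Property 1: no application data is accepted before the
    authenticating handshake, so an anonymous-epoch record closes the
    connection (returns None). Property 2: a renegotiation never re-labels
    earlier bytes; each epoch's data stays bound to that epoch's own peer."""
    if any(r.peer is None for r in records):
        return None
    by_epoch: Dict[int, Tuple[str, bytes]] = {}
    for r in records:
        peer, data = by_epoch.get(r.epoch, (r.peer, b""))
        by_epoch[r.epoch] = (peer, data + r.data)
    return by_epoch

# Constructed traffic: bytes arrive under the unauthenticated initial
# handshake, then the connection renegotiates and the real peer speaks.
SPLICED = [
    Record(0, None, b"bytes sent before renegotiation;"),
    Record(1, "alice", b" bytes from the authenticated peer"),
]
# Constructed traffic with every record authenticated (constructed peer names).
CLEAN = [Record(1, "alice", b"first request"), Record(2, "bob", b"after re-auth")]

if __name__ == "__main__":
    print("flawed:", flawed_attribution(SPLICED))    # everything credited to alice
    print("safe  :", tor_style_attribution(SPLICED))  # None -> connection closed
    print("safe  :", tor_style_attribution(CLEAN))    # each epoch keeps its peer
```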