[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #11092 [Obfsproxy]: scramblesuit should make sure that handshake padding is less than MAX_PADDING_LENGTH

Subject: Re: [tor-bugs] #11092 [Obfsproxy]: scramblesuit should make sure that handshake padding is less than MAX_PADDING_LENGTH
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Sat, 01 Mar 2014 19:31:22 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 01 Mar 2014 14:31:37 -0500
In-reply-to: <043.c317ef25a3c3bc6639203185d1be0b95@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <043.c317ef25a3c3bc6639203185d1be0b95@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#11092: scramblesuit should make sure that handshake padding is less than
MAX_PADDING_LENGTH
---------------------------+-----------------------------
     Reporter:  asn        |      Owner:  asn
         Type:  defect     |     Status:  new
     Priority:  normal     |  Milestone:
    Component:  Obfsproxy  |    Version:
   Resolution:             |   Keywords:  pt-scramblesuit
Actual Points:             |  Parent ID:
       Points:             |
---------------------------+-----------------------------

Comment (by phw):

 The obvious solution would be to simply close the TCP connection if
 authentication did not succeed in `MAX_PADDING_LENGTH + something`.
 However, adversaries could easily determine this limit by sending garbage
 data one byte at a time and check when the server closes the connection.

 We already have the server's unique seed and it should probably be used to
 derive a server-specific limit which is then used to determine when an
 unauthenticated TCP connection should be closed.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/11092#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #10763 [Tor bundles/installation]: Torbrowser 3.x doesn't work in freebsd 9+
Next by Author: [tor-bugs] #11107 [EFF-HTTPS Everywhere]: Firefox extension interferes with other firefox extension
Previous by thread: Re: [tor-bugs] #10763 [Tor bundles/installation]: Torbrowser 3.x doesn't work in freebsd 9+
Next by thread: Re: [tor-bugs] #11092 [Obfsproxy]: scramblesuit should make sure that handshake padding is less than MAX_PADDING_LENGTH
Index(es):
- Author
- Thread