[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #11611 [Obfsproxy]: obfs2/obfs3 AES counter initialization is incorrect.

Subject: [tor-bugs] #11611 [Obfsproxy]: obfs2/obfs3 AES counter initialization is incorrect.
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Sat, 26 Apr 2014 08:35:44 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 26 Apr 2014 04:35:55 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#11611: obfs2/obfs3 AES counter initialization is incorrect.
-----------------------+---------------------
 Reporter:  yawning    |          Owner:  asn
     Type:  defect     |         Status:  new
 Priority:  normal     |      Milestone:
Component:  Obfsproxy  |        Version:
 Keywords:             |  Actual Points:
Parent ID:             |         Points:
-----------------------+---------------------
 From `obfsproxy/common/aes.py`:
 {{{
         self.ctr = Counter.new(128, initial_value=long(iv.encode('hex'),
 16))
 }}}

 From the `Crypto.Util.Counter` docstring:
 {{{
 allow_wraparound : boolean
 If *True*, the counter will automatically restart from zero after
 reaching the maximum value (``2**nbits-1``).
 If *False* (default), the object will raise an *OverflowError*.
 }}}

 The docs on the pycrypto web page are incorrect
 (https://github.com/dlitz/pycrypto/commit/f73d0a11697e2be0a3a1819fdb91a5dadc4e6af8)
 and haven't been regenerated yet.

 The obfs2/3 protocols uses a initial value derived from the UniformDH
 handshake, `allow_wraparound=True` should be passed to the constructor
 here to avoid mysterious (though extremely unlikely) connection failures.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/11611>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Follow-Ups:
- Re: [tor-bugs] #11611 [Obfsproxy]: obfs2/obfs3 AES counter initialization is incorrect.
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #11611 [Obfsproxy]: obfs2/obfs3 AES counter initialization is incorrect.
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #11611 [Obfsproxy]: obfs2/obfs3 AES counter initialization is incorrect.
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #11611 [Obfsproxy]: obfs2/obfs3 AES counter initialization is incorrect.
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #11611 [Obfsproxy]: obfs2/obfs3 AES counter initialization is incorrect.
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #11610 [Obfsproxy]: obfsproxy does not work on CentOS 6
Next by Author: Re: [tor-bugs] #10754 [Tor Support]: Implement an invitation based token system into webchat
Previous by thread: Re: [tor-bugs] #11610 [Obfsproxy]: obfsproxy does not work on CentOS 6
Next by thread: Re: [tor-bugs] #11611 [Obfsproxy]: obfs2/obfs3 AES counter initialization is incorrect.
Index(es):
- Author
- Thread