[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #16659 [Metrics/Analysis]: Linux TCP Initial Sequence Numbers may aid correlation

Subject: Re: [tor-bugs] #16659 [Metrics/Analysis]: Linux TCP Initial Sequence Numbers may aid correlation
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Mon, 09 Jan 2017 20:00:48 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 09 Jan 2017 15:00:57 -0500
In-reply-to: <046.a93f69999ace798ba68471a423b8e6ae@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <046.a93f69999ace798ba68471a423b8e6ae@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#16659: Linux TCP Initial Sequence Numbers may aid correlation
------------------------------+--------------------------
 Reporter:  source            |          Owner:
     Type:  defect            |         Status:  reopened
 Priority:  Medium            |      Milestone:
Component:  Metrics/Analysis  |        Version:
 Severity:  Normal            |     Resolution:
 Keywords:                    |  Actual Points:
Parent ID:                    |         Points:
 Reviewer:                    |        Sponsor:
------------------------------+--------------------------
Changes (by cypherpunks):

 * severity:   => Normal


Comment:

 SipHash: a fast short-input PRF by djb. Already used in a number of
 networking programs and kernels.

 https://131002.net/siphash/
 https://en.wikipedia.org/wiki/SipHash
 https://phoronix.com/scan.php?page=news_item&px=SipHash-PRF-V3-For-Linux

 Patch series to replace MD5/SHA1 with SipHash across the Linux network
 stack (including ISNs) already submitted:

 http://lkml.iu.edu/hypermail/linux/kernel/1701.1/00074.html
 http://lkml.iu.edu/hypermail/linux/kernel/1701.1/00076.html

 https://lkml.org/lkml/2016/12/13/596

 Other reading:

 https://chris-wood.github.io/2016/09/30/TCP-ISN-MD5.html
 https://github.com/chris-wood/chris-
 wood.github.io/blob/master/_posts/2016-9-23-TCP-Sequence-Prediction.md
 https://tools.ietf.org/html/rfc6528


 ***

 Can anyone smart confirm if these changes kill this ISN fingerprinting?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16659#comment:21>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: [tor-bugs] #21226 [Core Tor/Tor]: Torspec: Proposal 224 has a wrong/unclear time period example
Next by Author: Re: [tor-bugs] #20751 [Applications/TorBirdy]: enforce stronger ciphers in torbirdy
Previous by thread: Re: [tor-bugs] #21176 [User Experience/Website]: Update people's page information
Next by thread: Re: [tor-bugs] #16659 [Metrics/Analysis]: Linux TCP Initial Sequence Numbers may aid correlation
Index(es):
- Author
- Thread