[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #22791 [Core Tor/Tor]: Prop 224 encrypted public key

Subject: [tor-bugs] #22791 [Core Tor/Tor]: Prop 224 encrypted public key
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Sat, 01 Jul 2017 22:11:36 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 01 Jul 2017 18:11:51 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#22791: Prop 224 encrypted public key
-------------------------------+--------------------------------
     Reporter:  Dbryrtfbcbhgf  |      Owner:
         Type:  defect         |     Status:  new
     Priority:  High           |  Milestone:  Tor: 0.3.2.x-final
    Component:  Core Tor/Tor   |    Version:
     Severity:  Normal         |   Keywords:
Actual Points:                 |  Parent ID:
       Points:                 |   Reviewer:
      Sponsor:                 |
-------------------------------+--------------------------------
 In prop 224 the "HS-DESC-FIRST-LAYER" is  is encrypted to prevent a
 attacker from discovering the  onion address of the hidden service, but
 even though it is encrypted  it may still be possible to log the
 ciphertext of the "HS-DESC-FIRST-LAYER"  every single time someone visits
 The hidden service.  Through that they can determine how many people are
 visiting the hidden service,  using that information on how many people
 are visiting the service, a attacker may be able to determine what type of
 site it is or use there nodes "researchers have set up nodes to capture
 the .onion addresses of hidden services" that they own to block traffic to
 any of those hidden services. The HS-DESC-FIRST-LAYER  " Ciphertext" needs
 to be padded/obfuscated so it is different every single time a new user
 tries to decrypt it.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22791>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Follow-Ups:
- Re: [tor-bugs] #22791 [Core Tor/Tor]: Prop 224 encrypted public key
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #22791 [Core Tor/Tor]: Prop 224 encrypted public key
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #17750 [Core Tor/Tor]: Make bootstrapping clients wait before trying an authority
Next by Author: Re: [tor-bugs] #20671 [Core Tor/Tor]: Refactor stream cipher API
Previous by thread: Re: [tor-bugs] #21838 [Applications/Tor Browser]: Gitian VM creation fails on Ubuntu 16.x machines in the unmount step
Next by thread: Re: [tor-bugs] #22791 [Core Tor/Tor]: Prop 224 encrypted public key
Index(es):
- Author
- Thread