Re: [tor-bugs] #21673 [Core Tor/Tor]: prop140: Handle signatures correctly
#21673: prop140: Handle signatures correctly
---------------------------------------+-----------------------------------
Reporter: nickm | Owner: nickm
Type: defect | Status: closed
Priority: Medium | Milestone: Tor: 0.3.1.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution: worksforme
Keywords: prop140 TorCoreTeam201705 | Actual Points: .2
Parent ID: #13339 | Points: .1
Reviewer: | Sponsor: Sponsor4
---------------------------------------+-----------------------------------
Changes (by nickm):

* keywords: prop140 => prop140 TorCoreTeam201705
* actualpoints: .1 => .2

Comment:

Actually, there was an additional corner-case here, that we fixed by a
proposal patch in torspec commit 28816242f9eaa5509dc400a48ade1e7c4a591717.

The problem was that clients would, when contacting caches, identify
consensuses by the sha3 digest of the entire consensus, including
signatures. But there are multiple valid encodings for a set of
signatures, meaning that a malicious cache could serve each client a
different encoding, and recognize the clients using the sha3 digests in
their requests.

The first part of the solution is to fetch consensus diffs based only on
the consensus's digest-as-signed: the digest of the consensus with no
signatures on it.

The second part of the solution is to generate diffs using the <n>,$d
format to first remove all trailing signatures, so that the diffs will
apply to any valid consensus, no matter how the signatures are encoded.

See #22143 for implementation work here.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21673#comment:8>
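
Added example, not part of the original message and not Tor's code: a Python sketch of why the whole-document SHA3 digest distinguishes clients while the digest-as-signed and the <n>,$d deletion do not. The toy documents are constructed, reordering the signatures stands in for "a different valid encoding" (the message does not say which variations are valid), and the signed portion is assumed to run through the space after the first "directory-signature" keyword.

```python
import hashlib

# Constructed sample data: a toy consensus body and two placeholder signatures.
BODY = (
    "network-status-version 3\n"
    "vote-status consensus\n"
    "r example AAAA BBBB 2017-05-01 00:00:00 192.0.2.1 9001 0\n"
    "directory-footer\n"
)
SIG_A = ("directory-signature sha256 AUTH1 KEY1\n"
         "-----BEGIN SIGNATURE-----\nQUJD\n-----END SIGNATURE-----\n")
SIG_B = ("directory-signature sha256 AUTH2 KEY2\n"
         "-----BEGIN SIGNATURE-----\nREVG\n-----END SIGNATURE-----\n")

# Same signed content, same signatures, two different byte encodings.
VARIANT_1 = BODY + SIG_A + SIG_B
VARIANT_2 = BODY + SIG_B + SIG_A

MARKER = "\ndirectory-signature "

def full_digest(doc: str) -> str:
    """SHA3-256 over the entire document, signatures included."""
    return hashlib.sha3_256(doc.encode()).hexdigest()

def signed_portion(doc: str) -> str:
    """Assumption: the signed portion ends after the space that follows
    the first 'directory-signature' keyword."""
    idx = doc.find(MARKER)
    if idx < 0:
        raise ValueError("no directory-signature line found")
    return doc[: idx + len(MARKER)]

def digest_as_signed(doc: str) -> str:
    """SHA3-256 over the signed portion only."""
    return hashlib.sha3_256(signed_portion(doc).encode()).hexdigest()

def first_signature_line(doc: str) -> int:
    """1-based line number <n> of the first signature line."""
    for n, line in enumerate(doc.split("\n"), 1):
        if line.startswith("directory-signature "):
            return n
    raise ValueError("no directory-signature line found")

def apply_trailing_delete(doc: str, n: int) -> str:
    """Effect of the ed command '<n>,$d': drop line n through the last line."""
    return "".join(doc.splitlines(keepends=True)[: n - 1])
```
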