
Re: [tor-dev] Proposal 189: AUTHORIZE and AUTHORIZED cells



On Fri, Nov 4, 2011 at 4:10 PM, Robert Ransom <rransom.8774@xxxxxxxxx> wrote:
> On 2011-11-04, George Kadianakis <desnacked@xxxxxxxxx> wrote:
>>
>> Filename: 189-authorize-cell.txt
>> Title: AUTHORIZE and AUTHORIZED cells
>> Author: George Kadianakis
>> Created: 04 Nov 2011
>> Status: Open
>>
>> 1. Overview
>>
>>    Proposal 187 introduced the concept of the AUTHORIZE cell, a cell
>>    whose purpose is to make Tor bridges resistant to scanning attacks.
>>
>>    This is achieved by having the bridge and the client share a secret
>>    out-of-band and then use AUTHORIZE cells to validate that the
>>    client indeed knows that secret before proceeding with the Tor
>>    protocol.
>>
>>    This proposal specifies the format of the AUTHORIZE cell and also
>>    introduces the AUTHORIZED cell, a way for bridges to announce to
>>    clients that the authorization process is complete and successful.
>>
>> 2. Motivation
>>
>>    AUTHORIZE cells should be able to perform a variety of
>>    authorization protocols based on a variety of shared secrets. This
>>    forces the AUTHORIZE cell to have a dynamic format based on the
>>    authorization method used.
>>
>>    AUTHORIZED cells are used by bridges to signal the end of a
>>    successful bridge client authorization and the beginning of the
>>    actual link handshake. AUTHORIZED cells have no other use and for
>>    this reason their format is very simple.
>>
>>    Both AUTHORIZE and AUTHORIZED cells are to be used under censorship
>>    conditions and they should look innocuous to any adversary capable
>>    of monitoring network traffic.
>
> I wrote the following in my reply to proposal 190, but it probably
> belongs here instead:
>
> | An adversary who MITMs the TLS connection and receives a Tor AUTHORIZE
> | cell will know that the client is trying to connect to a Tor bridge.
> |
> | Should the client send a string of the form "GET
> | /?q=correct+horse+battery+staple\r\n\r\n" instead of an AUTHORIZE
> | cell, where "correct+horse+battery+staple" is a semi-plausible search
> | phrase derived from the HMAC in some way?

Seems to me at that point we are hosed anyway. If you see
correct+horse+battery+staple and the response is garbled data, not an
HTTP response, it's probably something unusual.
Bridge descriptors should include enough information for Tor to ensure
that the TLS connection is safe. If we are protecting against passive
scanning then we just need to make it look like a webserver. One good
way of doing that: ask people who have webservers to run bridges, and
have Tor simply pass any confused HTTP requests to the actual
webserver. (These shouldn't be popular sites.)

Sincerely,
Watson Ladd
-- 
"Those who would give up Essential Liberty to purchase a little
Temporary Safety deserve neither Liberty nor Safety."
-- Benjamin Franklin