Re: [tor-bugs] #26294 [Core Tor/Tor]: attacker can force intro point rotation by ddos
#26294: attacker can force intro point rotation by ddos
-------------------------------------------------+-------------------------
Reporter:  arma                                  | Owner:  asn
Type:  defect                                    | Status:  merge_ready
Priority:  Medium                                | Milestone:  Tor: 0.4.2.x-final
Component:  Core Tor/Tor                         | Version:
Severity:  Normal                                | Resolution:
Keywords:  tor-hs, tor-dos,                      | Actual Points:  6
  network-team-roadmap-august                    |
Parent ID:  #29999                               | Points:  7
Reviewer:  dgoulet                               | Sponsor:  Sponsor27-must
-------------------------------------------------+-------------------------
Comment (by asn):
Replying to [comment:26 nickm]:
> I think this code looks okay but before we merge it, I think we should
> have a patch for tor-spec that explains the new behavior of the replay
> cache. We should also have a quick proposal that explains why it's safe
> to allow replays, since I've usually thought of them as a way to mount
> active traffic analysis attacks.
Here is a torspec patch:
https://github.com/asn-d6/torspec/commit/f0fbcf3d606b8fb8ec49b1ba8f790607725dbd8b
https://github.com/asn-d6/torspec/tree/bug26294
We actually had not heard that replay caches are there to protect against
traffic analysis attacks. How does the attack work? I considered that
identical INTRO2 cells could be used as a signal to the HS guard, but
since they are end-to-end encrypted the signal should not be visible,
right?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/26294#comment:27>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs