Re: [tor-bugs] #32678 [Core Tor/Tor]: Tor's DNS cache leaks information
#32678: Tor's DNS cache leaks information
--------------------------+------------------------
Reporter: mikeperry | Owner: (none)
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------+------------------------
Comment (by pulls):
The hotness threshold sounds like a great idea. It should be randomized in
such a way that an attacker cannot predict the threshold for a given entry
in the cache at the time it gets added to the cache. If all entries in a
cache share the same threshold, then it's trivial for the attacker to
probe this using a domain it controls. If the threshold does not change
each time the same domain is added to the cache at a relay, then the
attacker can probe it as well. (I guess this is what was meant above, just
spelling it out.)
Another issue is if an attacker can detect when an entry expires from the
cache. If the TTL calculation is deterministic, like now set to one hour,
it tells you when the entry was visited at the exit. Probably want to
randomize this as well in the order of at least a few minutes (up, never
down).
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/32678#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
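
A sketch of the two randomizations suggested in the comment above, added here as an illustration; it is not part of the comment and not Tor's code. The names (`dns_entry_t`, `dns_entry_init`, `dns_entry_lookup`), the numeric bounds, and the reading of "hot" as "looked up at least `threshold` times since insertion" are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/random.h>

#define BASE_TTL_SEC   3600u /* the fixed one-hour TTL named in the comment */
#define MAX_JITTER_SEC  600u /* assumed: up to 10 minutes added, never subtracted */
#define THRESH_MIN        2u /* assumed bounds for the per-entry threshold */
#define THRESH_MAX        8u

typedef struct {
  uint32_t threshold;  /* lookups required before this entry is served from cache */
  uint32_t lookups;    /* lookups seen since the entry was (re)added */
  uint64_t expires_at; /* absolute expiry time, seconds */
} dns_entry_t;

/* Uniform value in [lo, hi] from the kernel CSPRNG; rejection sampling avoids modulo bias. */
static uint32_t rand_range(uint32_t lo, uint32_t hi) {
  uint32_t span = hi - lo + 1, limit = UINT32_MAX - (UINT32_MAX % span), r;
  for (;;) {
    if (getrandom(&r, sizeof r, 0) != (ssize_t)sizeof r) abort();
    if (r < limit) return lo + r % span;
  }
}

/* Run on every insertion, including re-insertion of the same name after expiry,
 * so neither value is shared across entries or reused for a domain. */
void dns_entry_init(dns_entry_t *e, uint64_t now) {
  e->threshold = rand_range(THRESH_MIN, THRESH_MAX);
  e->lookups = 0;
  e->expires_at = now + BASE_TTL_SEC + rand_range(0, MAX_JITTER_SEC);
}

/* Returns 1 when the answer is served from cache, 0 when it must be resolved. */
int dns_entry_lookup(dns_entry_t *e, uint64_t now) {
  if (now >= e->expires_at) dns_entry_init(e, now); /* expired: fresh draws */
  if (e->lookups < e->threshold) { e->lookups++; return 0; }
  return 1;
}

int main(void) {
  dns_entry_t e;
  for (int i = 0; i < 3; i++) { /* same name added three times at t=0 */
    dns_entry_init(&e, 0);
    printf("threshold=%u ttl=%llu\n", e.threshold, (unsigned long long)e.expires_at);
  }
  return 0;
}
```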