[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-bugs] #8223 [Obfsproxy]: obfsproxy: obfs2: Key derivation with shared-secret enabled does an extra hash iteration
#8223: obfsproxy: obfs2: Key derivation with shared-secret enabled does an extra
hash iteration
-----------------------+----------------------------------------------------
Reporter: asn | Owner: asn
Type: defect | Status: new
Priority: normal | Milestone:
Component: Obfsproxy | Version: Obfsproxy: 0.1.4
Keywords: | Parent:
Points: | Actualpoints:
-----------------------+----------------------------------------------------
{{{
digest_update(c, (uchar*)keytype, strlen(keytype));
if (seed_nonzero(state->initiator_seed))
digest_update(c, state->initiator_seed, OBFUSCATE_SEED_LENGTH);
if (seed_nonzero(state->responder_seed))
digest_update(c, state->responder_seed, OBFUSCATE_SEED_LENGTH);
if (shared_seed_nonzero(state->secret_seed))
digest_update(c, state->secret_seed, SHARED_SECRET_LENGTH);
digest_update(c, (uchar*)keytype, strlen(keytype));
digest_getdigest(c, buf, sizeof(buf));
if (shared_seed_nonzero(state->secret_seed)) {
digest_t *d;
int i;
for (i=0; i < OBFUSCATE_HASH_ITERATIONS; i++) {
d = digest_new();
digest_update(d, buf, sizeof(buf));
digest_getdigest(d, buf, sizeof(buf));
digest_free(d);
}
}
}}}
Spec says:
{{{
Optionally, if the client and server share a secret value SECRET,
they can replace the MAC function with:
MAC(s,x) = H^n(s | x | H(SECRET) | s)
where n = HASH_ITERATIONS.
}}}
but the above code actually does `n+1` hash iterations.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8223>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs