[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #14917 [Tor]: Client's choice of rend point can leak info about hidden service's guard relay

Subject: [tor-bugs] #14917 [Tor]: Client's choice of rend point can leak info about hidden service's guard relay
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Tue, 17 Feb 2015 11:44:12 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 17 Feb 2015 06:44:20 -0500
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#14917: Client's choice of rend point can leak info about hidden service's guard
relay
------------------------------+------------------------------------
 Reporter:  arma              |          Owner:
     Type:  defect            |         Status:  new
 Priority:  normal            |      Milestone:  Tor: 0.2.7.x-final
Component:  Tor               |        Version:
 Keywords:  SponsorR, tor-hs  |  Actual Points:
Parent ID:                    |         Points:
------------------------------+------------------------------------
 Imagine the scenario where the attacking client picks a rendezvous point
 that happens to be the hidden service's primary (first) entry guard. Then
 * The hidden service will look through its preemptively built circuits to
 see if it can extend any of them. circuit_find_to_cannibalize() will
 decide that none of the existing circuits are suitable, because they would
 cause a duplicate hop.
 * So the hidden service decides to make a new circuit. In
 populate_live_entry_guards() it compares node to chosen_exit and then
 exit_family, and skips it if there's overlap.

 So the result is that even when NumEntryGuards is 1, the hidden service
 will end up using its *second* entry guard for this circuit. Surprising.
 This isn't terrible, since I don't see any way to induce it to contact a
 third entry guard, but still, two is more than one, especially when you
 thought you were getting only one. (Imagine an attack where the adversary
 has you rendezvous with every relay that has the Guard flag -- now you're
 guaranteed to step over to your second guard at least once.)

 Where it gets messy is if the user explicitly set EntryNodes, like some
 hidden service operators think is wise, so they can use an entry node they
 trust. In that case entry_list_is_constrained() is true, so
 populate_live_entry_guards() will happily return an empty list if your one
 choice is inappropriate, resulting in choose_random_entry_impl() returning
 NULL. The external behavior is that if you send the hidden service the
 right rendezvous point, it never connects. That's kind of bad, especially
 since some people argue setting an explicit EntryNode is a wise move.

 Now, learning about the hidden service's choice of primary guard isn't the
 end of the world, because there are other reasonably straightforward ways
 to enumerate the entry guard of a hidden service currently, e.g. the
 predecessor attack (run a middle relay, rendezvous with the hidden service
 many times, and see which prior hop shows up in the circuit the most
 times). But we'd like to fix those, e.g. by moving to a layered entry
 guard design, and if we do, this issue will remain.

 Reported by 'ghetto' on irc.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/14917>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Follow-Ups:
- Re: [tor-bugs] #14917 [Tor]: Client's choice of rend point can leak info about hidden service's guard relay
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #14917 [Tor]: Client's choice of rend point can leak info about hidden service's guard relay
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #14917 [Tor]: Client's choice of rend point can leak info about hidden service's guard relay
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #14221 [Tor Browser]: mkbundle-*.sh does not update correctly the $TORBROWSER_VERSION -> $TORBROWSER_BUILDDIR symlink at the end of the build
Next by Author: Re: [tor-bugs] #14917 [Tor]: Client's choice of rend point can leak info about hidden service's guard relay
Previous by thread: Re: [tor-bugs] #14916 [Stem]: test for #14901
Next by thread: Re: [tor-bugs] #14917 [Tor]: Client's choice of rend point can leak info about hidden service's guard relay
Index(es):
- Author
- Thread