#22948: Padding and Keepalive cells should have random payloads
------------------------------+--------------------------------------
Reporter: teor | Owner:
Type: defect | Status: new
Priority: Medium | Milestone: Tor: 0.3.1.x-final
Component: Core Tor/Tor | Version: Tor: 0.3.1.1-alpha
Severity: Normal | Keywords: tor-spec, security-maybe
Actual Points: | Parent ID: #18856
Points: 0.5 | Reviewer:
Sponsor: |
------------------------------+--------------------------------------
tor-spec says:
{{{
Link padding can be created by sending PADDING or VPADDING cells
along the connection; relay cells of type "DROP" can be used for
long-range padding. The contents of a PADDING, VPADDING, or DROP
cell SHOULD be chosen randomly, and MUST be ignored.
}}}
https://gitweb.torproject.org/torspec.git/tree/tor-spec.txt#n1534
But padding cells sent by channelpadding_send_padding_cell_for_callback()
and keepalive cells sent by run_connection_housekeeping() have a payload
of all zero bytes.
I don't know if this is a security issue or not. It is probably ok, unless
Tor has compression enabled on its TLS connections. If compression is
enabled, all the padding data size calculations will be wrong.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22948>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs