[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #26228 [Core Tor/Tor]: Clarify/determine specification for padding bytes, (formerly also PADDING cell)

#26228: Clarify/determine specification for padding bytes, (formerly also PADDING
cell)
--------------------------+------------------------------------
 Reporter:  dmr           |          Owner:  dmr
     Type:  defect        |         Status:  needs_review
 Priority:  Medium        |      Milestone:  Tor: 0.3.5.x-final
Component:  Core Tor/Tor  |        Version:
 Severity:  Normal        |     Resolution:
 Keywords:  tor-spec      |  Actual Points:
Parent ID:  #26869        |         Points:
 Reviewer:                |        Sponsor:
--------------------------+------------------------------------
Changes (by teor):

 * status:  needs_revision => needs_review


Comment:

 Replying to [comment:13 teor]:
 > Actually, we should distinguish between padding relay cells, which need
 randomness because they are relayed, and link cells, which don't need
 randomness because:
 > a) they don't have any digests, so randomisation doesn't gain us
 anything
 > b) TLS should protect their payloads from modification

 I made this change in the spec, and included the relay cell padding
 randomisation from #26871.

 Replying to [comment:14 dmr]:
 > Replying to [comment:12 teor]:
 > > Oops. VERSIONS cells can't have (more than 1 byte of) random padding,
 because it will be interpreted as an extra version.
 >
 > Actually, well-formed VERSIONS cells can't have //any// (fully) random
 padding.
 >
 > The spec [[https://gitweb.torproject.org/torspec.git/tree/tor-
 spec.txt?id=ce1d4a8b7e1e5eb714068a8cf44fdc5ae24460d9#n556|says]]:
 > > Either party MUST close the connection if the versions cell is not
 well-formed (for example, if it contains an odd number of bytes).

 Thanks!

 > It's unclear in the spec if you can pad VERSIONS cells by repeating
 (pairs of) version bytes. The algorithms described in the spec make it
 sound possible, but "not well-formed" is a bit loosely defined.

 The implementation would interpret padding as extra versions, so let's ban
 it.

 Please see my branch 26228-padding-bytes on
 ​https://github.com/teor2345/torspec.git , which also fixes #26870 and
 contains the spec for #26871.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/26228#comment:15>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs