[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #21693 [Core Tor/Tor]: prop224 HS descriptors do wasteful double-base64 encoding
#21693: prop224 HS descriptors do wasteful double-base64 encoding
----------------------------+------------------------------------
Reporter: asn | Owner:
Type: task | Status: new
Priority: Medium | Milestone: Tor: 0.3.1.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: tor-hs prop224 | Actual Points:
Parent ID: | Points: 4
Reviewer: | Sponsor: SponsorR-can
----------------------------+------------------------------------
Comment (by asn):
A further point of complication here is that we apply NUL padding (up to
nearest multiple of 10k bytes) on the superencrypted section to hide
metadata about client auth details and intro points. So it's more like:
`middle_layer = b64(encrypt(client_auth_data + b64(encrypt(inner_layer)) +
nul_padding))`
`outer_layer = header + middle_layer.`
So unfortunately it's not as simple as replacing
`b64(encrypt(inner_layer))` with `encrypt(inner_layer)` since then the
binary ciphertext gets mangled with the NUL padding... :(
I guess this means we need some sort of frame on the binary data that
specifies the length of `encrypt(inner_layer)`, so that the decoding side
can separate the ciphertext from the padding.
In my experience, these sort of frames need careful consideration due to
all sorts of weird padding-oracle type of stuff... Will think some more,
but this might be a reasonable topic for amsterdam as well...
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21693#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs