[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #15951 [Tor]: FairPretender: Pretend as any hidden service in passive mode
#15951: FairPretender: Pretend as any hidden service in passive mode
------------------------+-----------------------------------------
Reporter: twim | Owner: twim
Type: defect | Status: new
Priority: major | Milestone:
Component: Tor | Version:
Resolution: | Keywords: tor, hs, descriptor, tor-hs
Actual Points: | Parent ID:
Points: |
------------------------+-----------------------------------------
Comment (by twim):
Yes, "users clicking the bad" is not going to be solved here. The problem
is that attacker doesn't need to "3. Run your HS". And this "protocol
trickery" is even simpler than running your own HS and reflect data to and
from the original HS. A "Normal MitM" is going to be 14+1 hops from a
client to the legitimate HS that introduce a huge delay that may look
suspicious (especially for HS admins). The point is that we need to force
attackers to use the method that you described ("normal mitm") and not the
trickery.
It should be emphasized that all you need to do as an attacker is just to
upload a HSDesc from time to time.
I wasn't aware of cross-certifications in 224 before, thanks Nick for this
proposal. It really fixes a problem and does almost the same that my fix
does ("service-key" certification).
Maybe it's a good idea to replace all public keys enclosed in [ENCRYPTED-
DATA] with their certificates in 224?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/15951#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs