[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #15951 [Tor]: FairPretender: Pretend as any hidden service in passive mode



#15951: FairPretender: Pretend as any hidden service in passive mode
------------------------+-----------------------------------------
     Reporter:  twim    |      Owner:  twim
         Type:  defect  |     Status:  new
     Priority:  major   |  Milestone:
    Component:  Tor     |    Version:
   Resolution:          |   Keywords:  tor, hs, descriptor, tor-hs
Actual Points:          |  Parent ID:
       Points:          |
------------------------+-----------------------------------------

Comment (by twim):

 Yes, "users clicking the bad" is not going to be solved here. The problem
 is that attacker doesn't need to "3. Run your HS". And this "protocol
 trickery" is even simpler than running your own HS and reflect data to and
 from the original HS. A "Normal MitM" is going to be 14+1 hops from a
 client to the legitimate HS that introduce a huge delay that may look
 suspicious (especially for HS admins). The point is that we need to force
 attackers to use the method that you described ("normal mitm") and not the
 trickery.
 It should be emphasized that all you need to do as an attacker is just to
 upload a HSDesc from time to time.

 I wasn't aware of cross-certifications in 224 before, thanks Nick for this
 proposal. It really fixes a problem and does almost the same that my fix
 does ("service-key" certification).
 Maybe it's a good idea to replace all public keys enclosed in [ENCRYPTED-
 DATA] with their certificates in 224?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/15951#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs