[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #7139 [Tor]: Tor involuntarily sets TLS session tickets
#7139: Tor involuntarily sets TLS session tickets
-----------------------------------+----------------------------------------
Reporter: nextgens | Type: defect
Status: needs_review | Priority: major
Milestone: Tor: 0.2.2.x-final | Component: Tor
Version: | Keywords: tor-relay ssl tls security pfs
Parent: | Points:
Actualpoints: |
-----------------------------------+----------------------------------------
Comment(by nextgens):
You're not. PFS can't be achieved if you swap to disk... regardless of
whether you use TLS session tickets or not.
Now: another amendment of what I wrote above: for the record: OpenSSL does
stores the ticket's encryption key in SSL_CTX, which in Tor's case is
renewed every MAX_SSL_KEY_LIFETIME_INTERNAL... So that's your current PFS
interval... and my initial report was accurately describing what is
happening.
The reasons to disable TLS session tickets in Tor's case are:
- Not required / used at all (waste of CPU cycles and bandwidth)
- Less attack surface exposed (hardening)
- The PFS interval is MAX_SSL_KEY_LIFETIME_INTERNAL as you use 'ephemeral
certificates' (keep in mind if you plan on increasing it)
- The cipher negotiated is irrelevant ... No one will attack DHE-RSA-
AES256-SHA if the ticket is encrypted using AES-128... so that's
yetAnotherWaste of CPU cycles
There is no direct security implication warranting an emergency release
IMHO.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7139#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs