[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] v3 hidden services: inconsistencies between spec and implementation

To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-dev] v3 hidden services: inconsistencies between spec and implementation
From: teor <teor2345@xxxxxxxxx>
Date: Sun, 29 Oct 2017 08:27:49 +1100
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 28 Oct 2017 17:28:19 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=x5UFBEgmWWIZCEEi1KdZJzsuP/Pj9776xdpJfrX0zTE=; b=B5a8RcQJBjr3rRl91LhlftTBS40DGGLJ7Tv/Enjz6kHPgtkU6Nj59nI3eq2EtAG7Uh tXEmlEur5EQDuf3SKX2DbOIAY5aUGsqkrXaFGh7e0K5KMCmtIos2b84a4dxfNlMmsxnR T/s3LfIaB1M7PYDd5ytWgSwE/gLAwJyLKt+3IDkujiOaECnLHp76VL8/D6TAsQoHYfpW I1gYcEaLrqwzjqcOv0lvVKm2r3Fq/jZuikViRUkfxKYTWTbQgzdz2btTDgLOZBpwYFdZ BQJkTCoPgTniNLWuJcFkffAfGWQv6t3BJW6xEITEXbBgUH0dNkHyeKMTTqUNvD//5OL0 d7/Q==
In-reply-to: <87y3nvfip0.fsf@riseup.net>
List-archive: <http://lists.torproject.org/pipermail/tor-dev/>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
References: <FdV5VotJ-0Pxm1FGkaSoaBnCfJ3rBARv_tVN5F72Bi6E3cOYasOC7WGJcZ__Ab7uwACmLd78WCgxjime37hHbXd9vyKiWykVQwIsDWtMfnw=@protonmail.com> <87y3nvfip0.fsf@riseup.net>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>

On 29 Oct 2017, at 01:30, George Kadianakis <desnacked@xxxxxxxxxx> wrote:

>> # 220-ecc-ids-keys.txt

Is this the latest version of the ECC ID specification?
Usually, our proposals are integrated into the main spec documents
after they are implemented.

>> # 2.1
>> 
>> * 'The signature is formed by signing the first N-64 bytes of the
>>  certificate prefixed with the string "Tor node signing key certificate
>>  v1".' I found this to be false; the signatures only validate without
>>  the string prefix.
>> 
> 
> Ouch... I think we should edit the spec and consider if there are any
> security risks here.

One security risk is that signatures on these certificates are re-usable
in other contexts. For example, if two different parts of the Tor code
believe signed certificates without prefixes, an adversary can take a
certificate signed for one of them, and pass it to the other.

>> ## A.1
>> 
>> * I realized that the certificate types here are outdated. The
>>  signing-key extension is listed as type [04], when in rend-spec-v3.txt
>>  and the C implementation it is type [08].
> 
> Let's fix the spec here too...

This should definitely be integrated into one of the main specs.

T
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

References:
- [tor-dev] v3 hidden services: inconsistencies between spec and implementation
  - From: inkylatenoth
- Re: [tor-dev] v3 hidden services: inconsistencies between spec and implementation
  - From: George Kadianakis

Prev by Author: Re: [tor-dev] GET request to a regular website using Tor and nodejs
Next by Author: [tor-dev] Proposal: Move IPv6 ORPorts to the Microdesc Consensus
Previous by thread: Re: [tor-dev] v3 hidden services: inconsistencies between spec and implementation
Next by thread: [tor-dev] Understanding the guard/md issue (#21969)
Index(es):
- Author
- Thread