[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] OpenSSL Padding oracle in AES-NI CBC MAC check (CVE-2016-2107)



Dhalgren Tor transcribed 0.4K bytes:
> https://www.openssl.org/news/secadv/20160503.txt
> 
> In general I understand that padding oracle attacks are principally a
> hazard for browser communications.  Am assuming that updating OpenSSL
> for this fix is not an urgent priority for a Tor Relay.
> 
> If anyone knows different please comment.

Hello,

First, I am not a real cryptographer.

However, the bug requires a client to resend the same plaintext data several
times.  In this case, for Tor, the underlying "plaintext" data is actually a
Tor cell, encrypted at the circuit layer.  We do not resend cells once a TLS
connection breaks down (which it will, if this bug is triggered).  Hence the
bug cannot be triggered in Tor's case, since we do not resend the underlying
data.

Hope that explains clearly.  Please feel free to ask questions if it
doesn't. :)

Best Regards,
-- 
 ââ isis agora lovecruft
_________________________________________________________
OpenPGP: 4096R/0A6A58A14B5946ABDE18E207A3ADB67A2CDB8B35
Current Keys: https://fyb.patternsinthevoid.net/isis.txt

Attachment: signature.asc
Description: Digital signature

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays