commit ea570fa13c3305406790125d01de301b3f894ab1 Author: Nick Mathewson nickm@torproject.org Date: Tue May 6 16:28:34 2014 -0400
changes file for bug11743 --- changes/bug11743 | 15 +++++++++++++++ 1 file changed, 15 insertions(+)
diff --git a/changes/bug11743 b/changes/bug11743 new file mode 100644 index 0000000..89e4bbc --- /dev/null +++ b/changes/bug11743 @@ -0,0 +1,15 @@ + o Major security fixes (directory authorities): + + - Directory authorities now include a digest of each relay's + identity key as a part of its microdescriptor. + + This is a workaround for bug #11743, where Tor clients do not + support receiving multiple microdescriptors with the same SHA256 + digest in the same consensus. When clients receive a consensus + like this, they only use one of the relays. Without this fix, a + hostile relay could selectively disable client use of target + relays by constucting a router descriptor with a different + identity and the same microdescriptor parameters and getting the + authorities to list it in a microdescriptor consensus. This fix + prevents an attacker from causing a microdescriptor collision, + because the router's identity is not forgeable.
tor-commits@lists.torproject.org