[tbb-bugs] #32150 [Applications/Tor Browser]: nsHttpDigestAuth cnonce exposes rand() values

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Oct 18 10:11:33 UTC 2019


#32150: nsHttpDigestAuth cnonce exposes rand() values
------------------------------------------+--------------------------------
     Reporter:  acat                      |      Owner:  tbb-team
         Type:  defect                    |     Status:  new
     Priority:  Medium                    |  Milestone:
    Component:  Applications/Tor Browser  |    Version:
     Severity:  Normal                    |   Keywords:  tbb-fingerprinting
Actual Points:                            |  Parent ID:
       Points:                            |   Reviewer:
      Sponsor:                            |
------------------------------------------+--------------------------------
 Similar concerns as #22919.

 `rand()` is used to calculate the `cnonce` in https://searchfox.org
 /mozilla-
 esr68/rev/8a8a004bc8de67bab762f1dfcea7683ba81311ce/netwerk/protocol/http/nsHttpDigestAuth.cpp#300,
 which is sent to the server.

 Even though it's only leaking some bits per `rand()` call, it might still
 be possible to recover the seed (e.g. with something like
 https://github.com/Z3Prover/z3, or maybe easier, not sure). Depending on
 how often `srand` is called this might be equivalent to a session id (per
 content process?). Well, the usual problems that guessing the seed of a
 global PRNG has.

 I think we should investigate this, or just directly patch as I don't see
 many drawbacks of having secure random numbers here.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/32150>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tbb-bugs mailing list