[tor-bugs] #4548 [Tor Bridge]: Implement dynamic (rakshasa) primes (part of proposal 179)

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Fri Nov 25 16:36:43 UTC 2011


#4548: Implement dynamic (rakshasa) primes (part of proposal 179)
------------------------+---------------------------------------------------
 Reporter:  asn         |          Owner:                    
     Type:  defect      |         Status:  needs_review      
 Priority:  normal      |      Milestone:  Tor: 0.2.3.x-final
Component:  Tor Bridge  |        Version:                    
 Keywords:              |         Parent:  #3972             
   Points:              |   Actualpoints:                    
------------------------+---------------------------------------------------

Comment(by asn):

 Replying to [comment:5 nickm]:
 > Replying to [comment:4 asn]:
 > > Let's try this again. Branch `bug4548_take2`.
 >
 > Ok, will review.
 >
 > > Replying to [comment:3 nickm]:
 >
 > > > When loading a new prime, we probably want to double-check that it
 makes a good DH group of not-too-small size.
 > >
 > > Done. If we find a corrupted stored dynamic DH modulus, what should we
 do? Should we unlink() the file and rewrite it with a new one? I'm
 currently simply logging the event. This should '''not''' happen, and if
 it ever happens it would be good to have the corrupted file to see the
 error.
 >
 > I'd say, "move it aside, log the event, and write a new one."
 >

 Done. I only added support for a single '.broken' file. If a relay
 continuously breaks its DH moduli, we will only have access to the last
 one.

 > > > For compatibility, also, we might want to just save the whole
 parameter set, not just the prime, in case we want to have it support
 non-2 generators as well.
 > > >
 > >
 > > Didn't do this one. Couldn't find OpenSSL functions that will
 store/load DH parameters to disk.
 > > `DHparams_print_fp()` and `d2i_DHparams()` don't work together. If for
 some reason we ever decide to move away from `2`, we can discard all
 `dynamic_dh_modulus` files with the old format. It's not like relays have
 a special connection to their dynamic DH modulus.
 >
 > Okay.
 >
 > > > How often does this patch regenerate the DH group, if ever?  "Never"
 is I think an acceptable answer, unless we decide that bridges need to
 regen it whenever their IP changes.
 > >
 > > We don't rotate our dynamic DH modulus atm. Do you think we should
 rotate it every time the bridge IP changes?
 >
 > Do we currently rotate server-side link key when the bridge IP changes?
 I think that's a "no", right? Also, I think that the DH parameters only
 get specified by the server side of the connection.  If I'm right about
 both of those, there's no additional harm to keeping the same DH params
 across a bridge IP change.

 I think you are right about both of those.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4548#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
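
The load-time handling discussed in this comment (check the stored modulus, move a bad file aside to a single `.broken` copy, log the event, write a new one), shown in Python as an added example that is not Tor's code. The hex file format, the safe-prime test used as the "good DH group" check, and the `generate` callback are assumptions.

```python
import logging
import os
import random

def is_probable_prime(n, rounds=32):
    """Miller-Rabin probabilistic primality test."""
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13):
        if n % small == 0:
            return n == small
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False          # no witness path reached n-1: composite
    return True

def is_good_modulus(p, min_bits=1024):
    """Accept only a safe prime (p and (p-1)/2 both prime) of at least min_bits."""
    return (p.bit_length() >= min_bits and is_probable_prime(p)
            and is_probable_prime((p - 1) // 2))

def load_or_replace(path, generate, min_bits=1024):
    """Return a usable modulus. Assumed format: the prime as hex text.
    generate is a hypothetical callback that returns a fresh modulus."""
    try:
        with open(path) as f:
            p = int(f.read().strip(), 16)
    except FileNotFoundError:
        p = None                  # first run: nothing stored yet
    except ValueError:            # bad hex or undecodable bytes: corrupted
        p = 0
    if p is not None:
        if is_good_modulus(p, min_bits):
            return p
        logging.warning("stored DH modulus %s failed validation; moving aside", path)
        os.replace(path, path + ".broken")   # keeps only the latest bad file
    p = generate()
    with open(path, "w") as f:
        f.write(format(p, "x") + "\n")
    return p
```

Because `os.replace` overwrites an existing `.broken` file, only the most recent corrupted modulus survives, which is the limitation the comment notes.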

