[tor-bugs] #4744 [Tor Bridge]: GFW probes based on Tor's SSL cipher list

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Thu Mar 15 00:41:18 UTC 2012


#4744: GFW probes based on Tor's SSL cipher list
--------------------------------+-------------------------------------------
 Reporter:  asn                 |          Owner:  nickm             
     Type:  defect              |         Status:  needs_revision    
 Priority:  major               |      Milestone:  Tor: 0.2.3.x-final
Component:  Tor Bridge          |        Version:                    
 Keywords:  tls fingerprinting  |         Parent:  #4185             
   Points:                      |   Actualpoints:                    
--------------------------------+-------------------------------------------

Comment(by nickm):

 Interestingly, with OpenSSL 1.0 with no options turned off, I believe the
 only cipher that we need to "fake" on the list is 0xfeff,
 "SSL3_TXT_RSA_FIPS_WITH_3DES_EDE_CBC_SHA", which appears pretty low on the
 list.

 What if we do the following:
    * Say, "If the client ciphersuite list is exactly (current contents of
 ciphers.inc), then the server can only use the following N ciphers.
 Otherwise, the server may assume that any cipher advertised by the client,
 except 0xfeff, is present."
    * Stop pretending to have ciphersuites that we don't, with the
 exception of 0xfeff.  This means that OpenSSL 0.9.x users and users of
 OpenSSL on distributions that have disabled ECC or other ciphers will
 stand out some.
    * Strongly recommend use of OpenSSL 1.0.x or later, with nothing turned
 off.
    * Switch servers to select something good in 0.2.4, like
 ECDHE_RSA_WITH_AES_256_CBC_SHA or something.

 Thoughts?  Otherwise, I don't know how we can tell whether we can ever
 allow ECDHE ciphersuites.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4744#comment:23>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
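The server-side rule nickm sketches above (treat an exact match of the canned client list as a signal to restrict the server's choice to N known-good suites; otherwise trust everything the client advertised except 0xfeff), worked through as an added example. This is not code from the ticket or from Tor. The TOR_CLIENT_LIST and SAFE_WHEN_CANNED tuples are constructed stand-ins for ciphers.inc and for the "N ciphers", not the real contents; the function names are this example's own.

```python
import struct

# SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA: advertised in the canned list but never implemented,
# so the server must never select it.
FAKE_3DES = 0xfeff

# Constructed stand-in for the exact list a Tor client sends (ciphers.inc). The real
# list is longer and is not reproduced here; only the exact-match logic matters.
TOR_CLIENT_LIST = (0xc00a, 0xc014, 0x0039, 0x0038, 0x0035,
                   0xc009, 0xc013, 0x0033, 0x0032, 0x002f,
                   FAKE_3DES, 0x000a)

# Constructed stand-in for the "N ciphers" the server may use when the canned
# list arrives verbatim (suites every supported OpenSSL build is assumed to have).
SAFE_WHEN_CANNED = frozenset({0x0035, 0x002f, 0x000a})


def parse_cipher_suites(buf):
    """Parse a TLS ClientHello cipher_suites vector: a 2-byte big-endian length
    followed by that many bytes of 2-byte suite codes."""
    if len(buf) < 2:
        raise ValueError("truncated cipher_suites vector")
    (length,) = struct.unpack("!H", buf[:2])
    body = buf[2:2 + length]
    if length % 2 or len(body) != length:
        raise ValueError("malformed cipher_suites vector")
    return tuple(struct.unpack("!%dH" % (length // 2), body))


def encode_cipher_suites(suites):
    """Inverse of parse_cipher_suites; used only to build constructed input."""
    return struct.pack("!H", 2 * len(suites)) + struct.pack("!%dH" % len(suites), *suites)


def usable_ciphers(client_suites):
    """Suites the server may select under the proposed rule.

    Exact canned list -> only the restricted safe set (the client may be
    advertising suites its OpenSSL cannot actually do).
    Anything else      -> everything advertised, minus the never-implemented
                          0xfeff placeholder."""
    if tuple(client_suites) == TOR_CLIENT_LIST:
        return SAFE_WHEN_CANNED
    return frozenset(s for s in client_suites if s != FAKE_3DES)


def choose_cipher(client_suites, server_preference):
    """Pick the first suite in server preference order that is usable, or None."""
    usable = usable_ciphers(client_suites)
    for s in server_preference:
        if s in usable:
            return s
    return None


if __name__ == "__main__":
    # Constructed ClientHello fragment carrying the canned list.
    hello = encode_cipher_suites(TOR_CLIENT_LIST)
    offered = parse_cipher_suites(hello)
    # A server preferring ECDHE falls back to a safe suite for the canned list...
    print(hex(choose_cipher(offered, (0xc014, 0x0035, 0x000a))))
    # ...but may take ECDHE from a client that advertises its real list.
    print(hex(choose_cipher((0xc014, 0x0035, FAKE_3DES), (FAKE_3DES, 0xc014))))
```

The exact-match comparison is deliberately on the whole ordered tuple: the point of the proposal is that the canned list is a fingerprint the server itself recognises, so any deviation (a missing ECC suite from a distribution that disabled it, for instance) is taken as the client's honest capabilities rather than the placeholder list.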