[tor-bugs] #4744 [Tor Bridge]: GFW probes based on Tor's SSL cipher list

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Thu Mar 15 01:06:57 UTC 2012 

#4744: GFW probes based on Tor's SSL cipher list
--------------------------------+-------------------------------------------
 Reporter:  asn                 |          Owner:  nickm             
     Type:  defect              |         Status:  needs_revision    
 Priority:  major               |      Milestone:  Tor: 0.2.3.x-final
Component:  Tor Bridge          |        Version:                    
 Keywords:  tls fingerprinting  |         Parent:  #4185             
   Points:                      |   Actualpoints:                    
--------------------------------+-------------------------------------------

Comment(by asn):

 Replying to [comment:23 nickm]:
 > Interestingly, with OpenSSL 1.0 with no options turned off, I believe
 the only cipher that we need to "fake" on the list is 0xfeff,
 "SSL3_TXT_RSA_FIPS_WITH_3DES_EDE_CBC_SHA", which appears pretty low on the
 list.
 >
 > What if we do the following:
 >    * Say, "If the client ciphersuite list is exactly (current contents
 of ciphers.inc), then the server can only use the following N ciphers.
 Otherwise, the server may assume that any cipher advertised by the client,
 except 0xfeff, is present."
 >    * Stop pretending to have ciphersuites that we don't, with the
 exception of 0xfeff.  This means that OpenSSL 0.9.x users and users of
 OpenSSL on distributions that have disabled ECC or other ciphers will
 stand out some.
 >    * Strongly recommend use of OpenSSL 1.0.x or later, with nothing
 turned off.
 >    * Switch servers to select something good in 0.2.4, like
 ECDHE_RSA_WITH_AES_256_CBC_SHA or something.
 >
 > Thoughts?  Otherwise, I don't know how we can tell whether we can ever
 allow ECDHE ciphersuites.


 Sounds like a sane plan.

 We should make sure that the alpha version of Tor Browser Bundle produces
 the cipher list we want, since most .cn users should be using TBB.
 AFAIK Tor Browser Bundle uses OpenSSL 1.0.0g
 (https://www.torproject.org/projects/torbrowser-details.html.en#contents),
 and it shouldn't have features turned off.

 The small amount of OpenSSL 0.9.x users in .cn, should still be able to
 circumvent the GFW, since their cipher list won't be identical to the
 current one.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4744#comment:24>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list