[tor-bugs] #11611 [Obfsproxy]: obfs2/obfs3 AES counter initialization is incorrect.
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sat Apr 26 18:19:01 UTC 2014
#11611: obfs2/obfs3 AES counter initialization is incorrect.
---------------------------+-----------------
Reporter: yawning | Owner: asn
Type: defect | Status: new
Priority: normal | Milestone:
Component: Obfsproxy | Version:
Resolution: | Keywords:
Actual Points: | Parent ID:
Points: |
---------------------------+-----------------
Comment (by asn):
Please see branch `bug11611` in my repo:
https://gitweb.torproject.org/user/asn/obfsproxy.git/commitdiff/7b562f53fb02f930b3c43f1571a90f6634df0664
As I understand it, the counter will now overlfow after 2^128^ block
encryptions. This sounds unlikely to ever happen, but because I don't like
this behavior I disabled it by default. obfs2 and obfs3 explicitly enable
the wraparound behavior. Future protocols should consider using an initial
counter value of 0 :/
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/11611#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list