[tor-bugs] #11743 [Tor]: nodelist_add_microdesc: assign md to all appropriate nodes properly
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon May 5 10:11:53 UTC 2014
#11743: nodelist_add_microdesc: assign md to all appropriate nodes properly
-------------------------+---------------------
Reporter: cypherpunks | Owner:
Type: defect | Status: new
Priority: normal | Milestone:
Component: Tor | Version:
Keywords: | Actual Points:
Parent ID: | Points:
-------------------------+---------------------
Auths can to create the same md for two different relays. Because hash
collision or evil relay. Last one can to announce any onion keys and
family, without needs any proofs. All parts of code designed with
assumption one md per many nodes, except nodelist_add_microdesc.
nodelist_add_microdesc using
router_get_consensus_status_by_descriptor_digest which cut off digest,
digestmap_set using SHA1 while md's digest about SHA256.
nodelist_add_microdesc can't to assign md to all appropriate nodes, and
only to first with id returned by
router_get_consensus_status_by_descriptor_digest.
If evil relay will craft self id specifically then it will break usage of
victim's relay for any freshly new clients till updated consensus (it's
about several hours).
If to keep nodelist_add_microdesc with md per one node then md format need
to be more unique generated. Unique md can be generated by adding ID of
relay, it will stop crafted mds. Which way to choose? Need another ticket
about it?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/11743>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list