[tor-bugs] #16659 [- Select a component]: TCP Initial Sequence Numbers Leak Host Clock

Tor Bug Tracker & Wiki blackhole at torproject.org
Sun Jul 26 15:49:11 UTC 2015


#16659: TCP Initial Sequence Numbers Leak Host Clock
--------------------------------------+-----------------
     Reporter:  source                |      Owner:
         Type:  defect                |     Status:  new
     Priority:  normal                |  Milestone:
    Component:  - Select a component  |    Version:
   Resolution:                        |   Keywords:
Actual Points:                        |  Parent ID:
       Points:                        |
--------------------------------------+-----------------

Comment (by source):

 OK so if I understand correctly, the Tor's protocol inside the OpenSSL
 encryption layer never sends TCP ISNs or any other timestamps past the
 guard node.

 Wouldn't Tor (and any application) that operates on top of a Linux host's
 TCP Layer 3 still leak this information through no fault of their own?

 Diagram:

 Tor TCP protocol sanitizes time
 ====================
 OpenSSL timestamps eliminated
 ====================
 Linux TCP Layer 3 contains ISNs

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/16659#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list