[tor-bugs] #15951 [Tor]: FairPretender: Pretend as any hidden service in passive mode
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu May 7 19:33:42 UTC 2015
#15951: FairPretender: Pretend as any hidden service in passive mode
---------------------------------+----------------------
Reporter: twim | Owner: twim
Type: defect | Status: new
Priority: major | Milestone:
Component: Tor | Version:
Keywords: tor, hs, descriptor | Actual Points:
Parent ID: | Points:
---------------------------------+----------------------
This flaw in in Tor protocol provides a possibility to resign any Hidden
Service descriptor with one’s private key. Thus an adversary that does so
can upload this resigned descriptor to the HS Directory and act as a
frontend to hidden services whose Introduction Point data has been
resigned. They can spread the .onion address of his frontend Hidden
Service as a real one over the Internet (phishing) and then perform a DoS
attack on chosen Hidden Services or redirect traffic to replicas that he
controls and perform Man-in-the-Middle attack.
This is just a brief explanation. For more info see attached paper.
I have idea how to fix this by introducing "backward permanent key
signature"
https://github.com/mark-in/tor/tree/backward-permkey-signature
https://github.com/mark-in/torspec/tree/backward-permkey-signature
It would be great to hear more ideas from you how to fix it better.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/15951>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list