[tor-bugs] #18318 [Tor]: Make sure keys and IP:Ports are unique in a consensus
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Feb 16 03:12:29 UTC 2016
#18318: Make sure keys and IP:Ports are unique in a consensus
---------------------------+--------------------------------
Reporter: teor | Owner:
Type: defect | Status: new
Priority: Very High | Milestone: Tor: 0.2.7.x-final
Component: Tor | Version:
Severity: Blocker | Keywords: TorCoreTeam201602
Actual Points: | Parent ID: #17668
Points: | Sponsor:
---------------------------+--------------------------------
When voting for RSA / Ed25519 key combinations, each RSA key must be
unique in the vote, and and each Ed key must be unique in the vote:
* authorities must vote using the most recent descriptor signed by a RSA
key, as the signature proves ownership of that key, and ignore earlier
descriptors signed by that key;
* authorities must vote using the most recent descriptor signed by both a
RSA and an Ed key, as the signatures prove ownership of both keys, and
ignore earlier descriptors signed by either key.
When voting for RSA key / IPv4:Port combinations, there can only be one
Running instance of each RSA key, and one Running instance of each
IPv4:Port, in the vote:
* authorities must vote Running for only one IPv4:Port per RSA key, and
only one RSA key per IPv4:Port. The IPv4:Port and RSA key must be the
latest RSA key proven by reachability test to that IPv4:Port from that
authority;
* authorities may vote for RSA keys that have signed a descriptor
specifying an IPv4:Port, but which haven't been reachability tested, or
which have been superseded by a later reachability test. (This helps us
deduce internal authority state from votes.) But authorities must not vote
Running for these additional RSA key or IPv4:Port instances.
Whether or not authorities can perform IPv6 reachability tests, there can
only be one Running instance of each IPv6:Port in the vote:
* authorities must vote Running for at most one IPv6:Port per RSA key, and
only one RSA key per IPv6:Port. The IPv6:Port and RSA key must be the
latest RSA key proven by reachability test to that IPv6:Port from that
authority;
* authorities that aren't on IPv6 must vote Running for at most one
IPv6:Port per RSA key, and only one RSA key per IPv6:Port. If multiple RSA
keys claim an IPv6:Port, the RSA key voted Running must be the one with
the latest reachable IPv4:Port.
* authorities may include additional IPv6:Port instances, but must not
vote them running.
When we transition to Ed25519 proofs via authenticate cells in
reachability tests, similar uniqueness constraints will apply. But that's
out of scope for this ticket.
Since consensuses only include Running relays, and the Running flag is
assigned by a majority vote, each RSA key, Ed key, IPv4:Port, and
IPv6:Port must be unique in the consensus.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18318>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list