[tor-bugs] #20569 [Core Tor/Tor]: hs: Use AES256 prop224 descriptors

Tor Bug Tracker & Wiki blackhole at torproject.org
Sun Nov 13 19:30:11 UTC 2016


#20569: hs: Use AES256 prop224 descriptors
------------------------------------------------------+------------------------------------
 Reporter:  dgoulet                                   |          Owner:
     Type:  defect                                    |         Status:  needs_review
 Priority:  High                                      |      Milestone:  Tor: 0.3.0.x-final
Component:  Core Tor/Tor                              |        Version:
 Severity:  Normal                                    |     Resolution:
 Keywords:  tor-hs, easy, prop224, TorCoreTeam201611  |  Actual Points:
Parent ID:                                            |         Points:  0.1
 Reviewer:                                            |        Sponsor:  SponsorR-must
------------------------------------------------------+------------------------------------

Comment (by chelseakomlo):

 A couple thoughts, feel free to take or leave what is useful:

 1. The iv for AES Counter Mode (in principle) does not add additional
 security properties if it is secret. I see that the iv in
 encrypt_descriptor_data and desc_decrypt_data_v3 is named secret_iv, but
 this is misleading if it does not need to be secret. (Please correct me if
 this is not the case for this protocol)

 2. As far as options to ensure the expected key length is being used, here
 are a couple:

   a) One option could be to write unit tests which mock
 crypto_cipher_new_with_iv_and_bits (for example) and test functions like
 build_encrypted, asserting in the test that
 crypto_cipher_new_with_iv_and_bits is called with the expected key size.
   b) This would require more thought/better naming, but another option
 could be to centralize hs configuration, such as key size, iv length, etc.
 For example, these could be constant values such as
 HS_DESCRIPTOR_KEY_LENGTH, or a function such as get_hs_configuration().
 This can be implemented in other ways, but the general idea is to minimize
 the number of places which have to change if we need to update values such
 as key size again in the future.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20569#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
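
Added example, not part of the comment above and not Tor's own code: suggestions (a) and (b) combined in C, with the cipher parameters defined once and a mock constructor that records the key size it is asked for. The example_ and mock_ identifiers, the constant values, and the constructor signature are assumptions made for this sketch.

```c
#include <stddef.h>
#include <stdint.h>

/* Option (b): one home for the descriptor cipher parameters. Names and values
 * are assumptions for this sketch, not Tor's definitions. */
#define HS_DESCRIPTOR_KEY_BITS 256
#define HS_DESCRIPTOR_KEY_LENGTH (HS_DESCRIPTOR_KEY_BITS / 8)
#define HS_DESCRIPTOR_IV_LENGTH 16

/* Hypothetical stand-ins for the cipher type and its constructor signature. */
typedef struct example_cipher_t { int bits; } example_cipher_t;
typedef example_cipher_t *(*example_cipher_ctor_fn)(const uint8_t *key,
                                                    const uint8_t *iv, int bits);

/* Option (a): a mock constructor that records what it was asked for. */
static int mock_calls, mock_last_bits;
static example_cipher_t mock_cipher;
static example_cipher_t *
mock_cipher_new(const uint8_t *key, const uint8_t *iv, int bits)
{
  (void)key; (void)iv;
  mock_calls++;
  mock_last_bits = mock_cipher.bits = bits;
  return &mock_cipher;
}

/* Stand-in for a function like build_encrypted: rejects key or IV material of
 * the wrong size, then requests a cipher of the configured strength. */
static int
example_build_encrypted(example_cipher_ctor_fn ctor, const uint8_t *key,
                        size_t key_len, const uint8_t *iv, size_t iv_len)
{
  if (key_len != HS_DESCRIPTOR_KEY_LENGTH || iv_len != HS_DESCRIPTOR_IV_LENGTH)
    return -1;
  return ctor(key, iv, HS_DESCRIPTOR_KEY_BITS) ? 0 : -1;
}

/* Runs the builder against the mock; returns the key bits the mock saw, or 0
 * if the builder refused the input before constructing a cipher. */
static int
example_bits_requested(size_t key_len)
{
  uint8_t key[64] = {0}, iv[HS_DESCRIPTOR_IV_LENGTH] = {0};
  mock_calls = mock_last_bits = 0;
  (void)example_build_encrypted(mock_cipher_new, key, key_len, iv, sizeof(iv));
  return mock_calls == 1 ? mock_last_bits : 0;
}

int main(void) { return example_bits_requested(32) == 256 ? 0 : 1; }
```

Changing the key size again then means editing HS_DESCRIPTOR_KEY_BITS only, and the test fails if any caller still passes key material of the old length.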

