[tor-bugs] #18319 [Core Tor/Tor]: Exclude relays that don't match pinned RSA/Ed key pairs

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Oct 28 20:57:30 UTC 2016


#18319: Exclude relays that don't match pinned RSA/Ed key pairs
-------------------------------------------------+-------------------------------------
 Reporter:  teor                                 |          Owner:  andrea
     Type:  defect                               |         Status:  assigned
 Priority:  High                                 |      Milestone:  Tor: 0.3.0.x-final
Component:  Core Tor/Tor                         |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  tor-ed25519-proto,                   |  Actual Points:
            nickm-deferred-20160905              |
Parent ID:                                       |         Points:  1
 Reviewer:                                       |        Sponsor:  SponsorU-can
-------------------------------------------------+-------------------------------------

Comment (by nickm):

 So, is it safe to turn this on?  I say yes.

 Based on the key pinning journal from tor26 (thanks, weasel!) it appears
 that since June, tor26 has seen 11254 RSA key IDs that never ever had a
 problem with key pinning, and 38 that did have a problem with key pinning.
 Here is a list: The first column has the RSA ID digest; the second column
 has the number of times that the RSA ID has changed, and the third column
 is the total number of distinct RSA IDs that we saw:
 {{{
 0xTX/OPySoQeQhcfYbmg7XKvPig     3       2
 1fLGX0ExoUaNW2eog4qbftjASeI     3       3
 1flPABP5uAKi10ISLSYoFE77lKE     2       2
 2w28qPYF1huAZXHIG6ceFGBit0E     2       2
 5NaImMhATrKKj2exPASMgk+Wlzg     5       2
 5VWwnHcDZzPgCn1hzVNLqa9KojI     2       2
 8B2NZEjIuIPYrNCNOqd4nV7ji3s     308     2
 AwpuskclwF2OD84hkjy6UiPnXg4     2       2
 c8lCVGJIf8a9PS37ADkWGGBPPSQ     2       2
 CSNlpBRhGAUJKkKTa5iqJZmjS/o     2       2
 Eam7Qvu+2koLC25/LgjTdhKEAeA     3       3
 EIDZv2CSjzjtExqrPmMMGPfIY6k     971     3
 eT78t3vCLFFyNpHD9Anold98rLI     3       2
 fHPpbeWNhM2G4CAO6MDiMlbYwY4     2       2
 FmNLMUUcPNs1DKcuv5VKmHfwzjQ     5       5
 fqbq1v2DCDxTj0QDi7+gd1h911U     2       2
 h4QTqd5axJeipfIA2hY/EtUD/Y0     361     2
 hADNOhd+RqInQb+NI8r9/f9kPc4     4       4
 hBmxi6hnwmv4EzD1Lw3lSzmqeng     5       5
 IlhNU47BggOuIYwkmKnEy2VNWQ8     2       2
 /kAz11CDHDKpVxdK3RHkD1WKFKk     2       2
 k+wgCkGxwIa5SCA/kKyYEkehbRs     2       2
 L3qCbMW35tg07KJeI2oTUdOJ0ZU     2       2
 LmZJ2hypiJcX/6R7ne72F/lrAy0     6       3
 LQSvfJ3GjHXJC1fPd0rcS0Uo6vM     2       2
 n7VU4rU8XoC6sozAbXBUDiKuyPU     2       2
 nzE2uXX/gPDcRirEaOdoL/6T9As     2       2
 OENTblrXo3+jW1AeV0kI7FsuC4k     2       2
 Oy4g/k61Ml3mKg91MEh93RqNYGc     2       2
 pTxG9bFX3YM2bUWo6ZokSTShTEY     2       2
 qj2bTEI7M31nALgV890iRN0CC+4     2       2
 ur6aJJ2MxQsdUMIBBjPhlYjbQ5E     2       2
 WXuzSmUToNRG7oewrDC3FuTBWG4     2       2
 XcvYDQDicgqjLkAxf1FoG/UrWmM     3       2
 y5iRq/UMnKjxRFqyHSfMXDGCCSI     3       2
 YtLQNjkCJcHvZWIV3QZtAwSGH8M     2       2
 yylv56Bq+HhTRJW/OIF/4Ip3msA     2       2
 }}}

 I also tried looking at the time distribution of when the different
 Ed25519 keys appeared, to see if adding a grace period to the code would
 help.  That doesn't seem to be the case: no more than a third of the
 problems occurred within a week.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18319#comment:15>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
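
The kind of tally described in the comment above, as an added example (not code from the ticket or from Tor): per RSA ID, it counts how often the paired Ed25519 key changed, how many distinct Ed25519 keys appeared, and how many changes fell within a grace period of the first sighting. The journal layout, the placeholder IDs and this reading of "grace period" are assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample journal (placeholder IDs, not real relay keys).
# Assumed layout: "@opened-at <UTC time>" marks each time the journal was
# opened, followed by "<RSA ID digest> <Ed25519 key>" pairs.
SAMPLE_JOURNAL = """\
@opened-at 2016-06-01 00:00:00
RSA_A ED_1
RSA_B ED_2
@opened-at 2016-06-03 00:00:00
RSA_A ED_1
RSA_B ED_3
@opened-at 2016-07-20 00:00:00
RSA_B ED_2
RSA_C ED_4
"""

def analyze(journal_text, grace_days=7):
    """Map each RSA ID whose Ed25519 key changed to a tuple of
    (number of changes, distinct Ed25519 keys, changes within the grace period)."""
    history = defaultdict(list)  # rsa_id -> [(time, ed_key)], one entry per change
    opened = None
    for raw in journal_text.splitlines():
        line = raw.strip()
        if line.startswith("@opened-at "):
            opened = datetime.strptime(line[11:], "%Y-%m-%d %H:%M:%S")
            continue
        fields = line.split()
        if len(fields) != 2 or line.startswith("@") or opened is None:
            continue  # blank, malformed, unknown annotation, or undated entry
        rsa_id, ed_key = fields
        seen = history[rsa_id]
        if not seen or seen[-1][1] != ed_key:
            seen.append((opened, ed_key))
    grace = timedelta(days=grace_days)
    report = {}
    for rsa_id, seen in history.items():
        if len(seen) > 1:  # the pairing changed at least once
            first_seen = seen[0][0]
            early = sum(1 for when, _ in seen[1:] if when - first_seen <= grace)
            report[rsa_id] = (len(seen) - 1, len({k for _, k in seen}), early)
    return report

if __name__ == "__main__":
    for rsa_id, (changes, distinct, early) in sorted(analyze(SAMPLE_JOURNAL).items()):
        print(f"{rsa_id}\t{changes}\t{distinct}\t(within grace: {early})")
```

If only a small share of changes land inside the grace window, as the comment reports for a one-week window, a grace period would not remove most pinning conflicts.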

