[tor-bugs] #22791 [Core Tor/Tor]: Prop 224 encrypted public key
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sat Jul 1 22:11:36 UTC 2017
#22791: Prop 224 encrypted public key
-------------------------------+--------------------------------
Reporter: Dbryrtfbcbhgf | Owner:
Type: defect | Status: new
Priority: High | Milestone: Tor: 0.3.2.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Keywords:
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
-------------------------------+--------------------------------
In prop 224 the "HS-DESC-FIRST-LAYER" is is encrypted to prevent a
attacker from discovering the onion address of the hidden service, but
even though it is encrypted it may still be possible to log the
ciphertext of the "HS-DESC-FIRST-LAYER" every single time someone visits
The hidden service. Through that they can determine how many people are
visiting the hidden service, using that information on how many people
are visiting the service, a attacker may be able to determine what type of
site it is or use there nodes "researchers have set up nodes to capture
the .onion addresses of hidden services" that they own to block traffic to
any of those hidden services. The HS-DESC-FIRST-LAYER " Ciphertext" needs
to be padded/obfuscated so it is different every single time a new user
tries to decrypt it.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22791>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list