[tor-bugs] #22890 [Core Tor/Tor]: Recent tor relays do use canonical connections

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Jul 12 00:27:05 UTC 2017


#22890: Recent tor relays do use canonical connections
------------------------------+--------------------------------
     Reporter:  teor          |      Owner:
         Type:  defect        |     Status:  new
     Priority:  Medium        |  Milestone:  Tor: 0.3.2.x-final
    Component:  Core Tor/Tor  |    Version:
     Severity:  Normal        |   Keywords:  tor-spec
Actual Points:                |  Parent ID:
       Points:                |   Reviewer:
      Sponsor:                |
------------------------------+--------------------------------
 {{{
 5.3.1. Canonical connections

    It is possible for an attacker to launch a man-in-the-middle attack
    against a connection by telling OR Alice to extend to OR Bob at some
    address X controlled by the attacker.  The attacker cannot read the
    encrypted traffic, but the attacker is now in a position to count all
    bytes sent between Alice and Bob (assuming Alice was not already
    connected to Bob.)

    To prevent this, when an OR gets an extend request, it SHOULD use an
    existing OR connection if the ID matches, and ANY of the following
    conditions hold:
        - The IP matches the requested IP.
        - The OR knows that the IP of the connection it's using is
 canonical
          because it was listed in the NETINFO cell.
        - The OR knows that the IP of the connection it's using is
 canonical
          because it was listed in the server descriptor.

    [This is not implemented in Tor 0.2.0.23-rc.]
 }}}

 But it was implemented in some version since then.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22890>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list