[tor-bugs] #22948 [Core Tor/Tor]: Padding, Keepalive and Drop cells should have random payloads
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Jul 17 23:24:56 UTC 2017
#22948: Padding, Keepalive and Drop cells should have random payloads
--------------------------------------+------------------------------------
Reporter: teor | Owner:
Type: defect | Status: new
Priority: Medium | Milestone: Tor: 0.3.2.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: tor-spec, security-maybe | Actual Points:
Parent ID: #18856 | Points: 0.5
Reviewer: | Sponsor:
--------------------------------------+------------------------------------
Changes (by teor):
* version: Tor: 0.3.1.1-alpha =>
* milestone: Tor: 0.3.1.x-final => Tor: 0.3.2.x-final
Comment:
Then this is probably ok in 0.3.1.
Is there any reason for padding cells to have random payloads?
Does it make it harder for adversaries to decrypt them?
(If so, should we fill every cell with random data rather than zeroes?
Or does that make it harder to add extra fields to cells?)
On the other hand, are we worried that implementations with low quality
PRNGs will leak state by doing this?
I suggest we update the spec to say that padding cells should be filled
with zero bytes, just like other cells, unless there is some compelling
reason to use random bytes.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22948#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list