[tor-bugs] #22963 [Core Tor/Tor]: Make relay integrity digests harder to guess by padding cells with random bytes
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Jul 18 05:18:06 UTC 2017
#22963: Make relay integrity digests harder to guess by padding cells with random
bytes
------------------------------+--------------------------------
Reporter: teor | Owner:
Type: defect | Status: new
Priority: Medium | Milestone: Tor: 0.3.2.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Keywords: security
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
------------------------------+--------------------------------
The tor spec says we should put random bytes in padding cells:
https://gitweb.torproject.org/torspec.git/tree/tor-spec.txt#n1534
But we don't currently do this (see #22948).
And we don't put random bytes in other cells.
This makes it easier to guess the circuit integrity digest, which makes
some DoS and malleability attacks easier.
Should we pad all cells with random bytes?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22963>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list