[tor-bugs] #21693 [Core Tor/Tor]: prop224 HS descriptors do wasteful double-base64 encoding
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed Mar 15 11:53:43 UTC 2017
#21693: prop224 HS descriptors do wasteful double-base64 encoding
----------------------------+------------------------------------
Reporter: asn | Owner:
Type: task | Status: new
Priority: Medium | Milestone: Tor: 0.3.1.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: tor-hs prop224 | Actual Points:
Parent ID: | Points: 4
Reviewer: | Sponsor: SponsorR-can
----------------------------+------------------------------------
Comment (by asn):
A further point of complication here is that we apply NUL padding (up to
nearest multiple of 10k bytes) on the superencrypted section to hide
metadata about client auth details and intro points. So it's more like:
`middle_layer = b64(encrypt(client_auth_data + b64(encrypt(inner_layer)) +
nul_padding))`
`outer_layer = header + middle_layer.`
So unfortunately it's not as simple as replacing
`b64(encrypt(inner_layer))` with `encrypt(inner_layer)` since then the
binary ciphertext gets mangled with the NUL padding... :(
I guess this means we need some sort of frame on the binary data that
specifies the length of `encrypt(inner_layer)`, so that the decoding side
can separate the ciphertext from the padding.
In my experience, these sort of frames need careful consideration due to
all sorts of weird padding-oracle type of stuff... Will think some more,
but this might be a reasonable topic for amsterdam as well...
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/21693#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list