[tor-bugs] #23969 [Core Tor/Tor]: Scallion/cathugger attack on Tor
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Oct 24 07:30:02 UTC 2017
#23969: Scallion/cathugger attack on Tor
--------------------------+-------------------------
Reporter: cypherpunks | Owner: (none)
Type: defect | Status: closed
Priority: High | Milestone:
Component: Core Tor/Tor | Version:
Severity: Major | Resolution: invalid
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------+-------------------------
Changes (by yawning):
* status: new => closed
* resolution: => invalid
Comment:
> This is a possible attack of Tor's hidden service.
This requires a large but not totally unfeasible amount of work, or
breaking SHA-1's pre-image resistance.
> Unfortunately, V3 onion namesystem are already cracked
Generating a fully colliding v3 onion service address requires a quantum
computer, and the algorithm to do accelerated ed25519 key pair generation,
which you're calling an "attack" is even mentioned in the v3 onion service
spec (Appendix C).
Closing as invalid, since this does not impact v3 services unless
adversaries have hardware that's capable of totally breaking all of Tor.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23969#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list