[tor-bugs] #26627 [Core Tor/Tor]: HSv3 throws many "Tried connecting to router at [IP:port], but RSA identity key was not as expected"

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Jul 4 23:03:04 UTC 2018 

#26627: HSv3 throws many "Tried connecting to router at [IP:port], but RSA identity
key was not as expected"
-------------------------------------------------+-------------------------
 Reporter:  asn                                  |          Owner:  (none)
     Type:  defect                               |         Status:
                                                 |  needs_information
 Priority:  Medium                               |      Milestone:  Tor:
                                                 |  0.3.5.x-final
Component:  Core Tor/Tor                         |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  security tor-relay certs handshake   |  Actual Points:
  ed25519 035-roadmap-proposed                   |
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by teor):

 Replying to [comment:2 mahrud]:
 > First, here's some general stats:
 > * 1956 occurrences in about a month.
 > * 653 different keys and 667 different (RSA public key, IP)
 combinations.
 > * 318 of these were seen only once and one was seen 34 times.
 > * Full breakdown: [318, 138, 66, 34, 24, 22, 16, 8, 7, 2, 7, 3, 4, 5, 1,
 1, 2, 1, 0, 0, 1, 0, 3, 2, 0, 0, 1, 0, 0, 0, 0, 0, 0, 1]
 >
 > What would you suggest is the best way of testing those possibilities?
 >
 > To answer your questions:
 > * Partially v0.3.2.10, partially v0.3.3.7.
 > * Assuming you mean single-hop, yes.

 Single onion services don't use guards, so they eventually connect to most
 relays.
 This means that they see more errors than most other onion services, which
 only connect to a few guards.

 > * No load balancing.
 >
 > I'm not sure how to answer the last question, can you point me to how
 can I query or view the consensus?

 We are particularly interested in the failing relay versions, because that
 helps us isolate the bug.

 If you want to look up a few relays, you can use Relay Search:
 https://metrics.torproject.org/rs.html

 You could also use Stem to look up the RSA fingerprints and dump the relay
 information:
 https://stem.torproject.org

 If you'd like us to do the analysis, it should be safe to post the
 RSA/ed25519 pairs as an attachment to this ticket.
 But you must remove the timestamps from the log file, then destroy order
 by sorting the list.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/26627#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list