[tor-bugs] #25501 [Core Tor/Tor]: Ensure WTF-Pad padding comes from the expected hop (was: Control-flow issues solved for WTF-pad)
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Jul 9 19:23:47 UTC 2018
#25501: Ensure WTF-Pad padding comes from the expected hop
-------------------------------------------------+-------------------------
Reporter: dgoulet | Owner:
| mikeperry
Type: task | Status:
| assigned
Priority: Medium | Milestone: Tor:
| 0.3.5.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: control-flow, tor-circuit, 035 | Actual Points:
-roadmap-master |
Parent ID: | Points:
Reviewer: | Sponsor:
| Sponsor2
-------------------------------------------------+-------------------------
Changes (by mikeperry):
* owner: dgoulet => mikeperry
Old description:
> Roadmap master ticket for this sponsored task.
>
> See child tickets for specific tasks.
New description:
When first looking at the WTF-Pad design for integration into Tor, we were
concerned that there may be flow control issues with padding causing our
SENDME windows to empty prematurely. It turns out that RELAY_DROP does not
count towards these windows though, so no updates are needed there.
However, we should add an additional check to ensure that RELAY_DROP cells
come from the expected hop (middle). This check is easy to do -- just
inspect the layer_hint after the cell is recognized and see where it came
from. In this way, we can prevent a malicious Exit node or RP from
injecting end-to-end side channel cells, while still allowing padding.
--
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25501#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list