[tor-bugs] #32150 [Applications/Tor Browser]: nsHttpDigestAuth cnonce exposes rand() values
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Oct 18 10:11:33 UTC 2019
#32150: nsHttpDigestAuth cnonce exposes rand() values
------------------------------------------+--------------------------------
Reporter: acat | Owner: tbb-team
Type: defect | Status: new
Priority: Medium | Milestone:
Component: Applications/Tor Browser | Version:
Severity: Normal | Keywords: tbb-fingerprinting
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
------------------------------------------+--------------------------------
Similar concerns as #22919.
`rand()` is used to calculate the `cnonce` in https://searchfox.org
/mozilla-
esr68/rev/8a8a004bc8de67bab762f1dfcea7683ba81311ce/netwerk/protocol/http/nsHttpDigestAuth.cpp#300,
which is sent to the server.
Even though it's only leaking some bits per `rand()` call, it might still
be possible to recover the seed (e.g. with something like
https://github.com/Z3Prover/z3, or maybe easier, not sure). Depending on
how often `srand` is called this might be equivalent to a session id (per
content process?). Well, the usual problems that guessing the seed of a
global PRNG has.
I think we should investigate this, or just directly patch as I don't see
many drawbacks of having secure random numbers here.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/32150>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list