[tor-bugs] #33211 [Circumvention/Snowflake]: proxy-go sometimes gets into a 100+% CPU state
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Feb 21 19:15:27 UTC 2020
#33211: proxy-go sometimes gets into a 100+% CPU state
-------------------------------------+-----------------------------------
Reporter: dcf | Owner: (none)
Type: defect | Status: needs_information
Priority: Medium | Milestone:
Component: Circumvention/Snowflake | Version:
Severity: Normal | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------+-----------------------------------
Comment (by cohosh):
I did some investigating and it looks like pion is using DTLS with the
ciphersuite `TLS_ECDHE_ECDSA_WITH_AES_128_CCM`. I'm almost certain this is
not a common ciphersuite to use and that we'll be changing this later
anyway once we have a better idea of the difference between Snowflake
WebRTC fingerprints and other common WebRTC tools. In fact, looking at a
previous analysis of Snowflake that used the popular Chrome WebRTC
library, CCM is never listed in the ClientHello as a possible ciphersuite:
https://trac.torproject.org/projects/tor/wiki/doc/Snowflake/Fingerprinting
What's relevant to this discussion is that a large amount of the CPU time
is spent on the CCM encryption operation and I noticed that while
pion/dtls uses the builtin golang crypto implementations for the other
ciphersuites it supports, they
[https://github.com/pion/dtls/tree/master/pkg/crypto/ccm roll their own
CCM implementation]. My current plan is to remove CCM from the list of
accepted ciphersuites and see what impact this has on the performance
first.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33211#comment:13>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
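The comment above turns on which ciphersuites appear in the DTLS ClientHello. The following is an added example, not code from the ticket, pion, or Snowflake: a Go sketch that extracts the offered suite IDs from a single unfragmented DTLS ClientHello record and flags the RFC 7251 CCM suites. The names `OfferedSuites`, `isCCM` and `SampleHello` are hypothetical, and the ClientHello bytes are constructed for the example.

```go
package main

import (
	"encoding/binary"
	"fmt"
)

// isCCM matches the RFC 7251 ECDHE-ECDSA CCM suites 0xC0AC-0xC0AF (0xC0AC is AES_128_CCM).
func isCCM(id uint16) bool { return id >= 0xC0AC && id <= 0xC0AF }

// OfferedSuites returns the cipher suite IDs of one unfragmented DTLS ClientHello record.
func OfferedSuites(rec []byte) ([]uint16, error) {
	const fixed = 13 + 12 + 2 + 32 // record hdr, handshake hdr, client_version, random
	if len(rec) <= fixed || rec[0] != 22 || rec[13] != 1 {
		return nil, fmt.Errorf("not a DTLS ClientHello record")
	}
	p := rec[fixed:]
	for i := 0; i < 2; i++ { // skip session_id, then cookie (1-byte length prefix each)
		if len(p) == 0 || len(p) < 1+int(p[0]) {
			return nil, fmt.Errorf("truncated before cipher_suites")
		}
		p = p[1+int(p[0]):]
	}
	if len(p) < 2 || p[1]%2 != 0 || len(p) < 2+int(binary.BigEndian.Uint16(p)) { // odd or short
		return nil, fmt.Errorf("bad or truncated cipher_suites vector")
	}
	p = p[2 : 2+int(binary.BigEndian.Uint16(p))] // keep only the suite bytes
	var out []uint16
	for i := 0; i < len(p); i += 2 {
		out = append(out, binary.BigEndian.Uint16(p[i:]))
	}
	return out, nil
}

// SampleHello builds a constructed ClientHello record (zero random, no cookie) for the demo.
func SampleHello(suiteBytes ...byte) []byte {
	body := append([]byte{0xFE, 0xFD}, make([]byte, 34)...) // version, random, empty session_id/cookie
	body = append(body, 0, byte(len(suiteBytes)))
	body = append(append(body, suiteBytes...), 1, 0) // suites, then null compression only
	n := byte(len(body))
	hdr := []byte{22, 0xFE, 0xFD, 0, 0, 0, 0, 0, 0, 0, 0, 0, 12 + n, // record: type, version, epoch, seq, length
		1, 0, 0, n, 0, 0, 0, 0, 0, 0, 0, n} // handshake: type, length, msg_seq, frag_offset, frag_length
	return append(hdr, body...)
}

func main() {
	suites, err := OfferedSuites(SampleHello(0xC0, 0x2B, 0xC0, 0xAC, 0xC0, 0x2F))
	fmt.Printf("offered=%#x err=%v\n", suites, err)
	fmt.Println("second suite is CCM:", len(suites) > 1 && isCCM(suites[1]))
}
```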