[tor-commits] [tor/master] Changes file for feature4900
nickm at torproject.org
nickm at torproject.org
Sat Feb 15 21:04:28 UTC 2014
commit 10d1b0b33ed73d9696d1695196bf397ccaab31d9
Author: Nick Mathewson <nickm at torproject.org>
Date: Wed Feb 12 12:20:29 2014 -0500
Changes file for feature4900
---
changes/feature4900 | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/changes/feature4900 b/changes/feature4900
new file mode 100644
index 0000000..378ce12
--- /dev/null
+++ b/changes/feature4900
@@ -0,0 +1,12 @@
+ o Minor features:
+
+ - Avoid hash-flooding denial-of-service attacks by using the secure
+ SipHash-2-4 hash function for our hashtables. Without this
+ feature, an attacker could degrade performance of a targeted
+ client or server by flooding their data structures with a large
+ number of data entries all calculated to be stored at the same
+ hash table position, thereby degrading hash table
+ performance. With this feature, hash table positions are derived
+ from a randomized cryptographic key using SipHash-2-4, and an
+ attacker cannot predict which entries will collide.
+ Closes ticket 4900.
More information about the tor-commits
mailing list