[tor-dev] Proposal 189: AUTHORIZE and AUTHORIZED cells

Julian Yon julian at yon.org.uk
Sat Nov 5 01:01:02 UTC 2011


On 04/11/11 21:37, Watson Ladd wrote:
> On Fri, Nov 4, 2011 at 4:10 PM, Robert Ransom <rransom.8774 at gmail.com> wrote:
>> | Should the client send a string of the form "GET
>> | /?q=correct+horse+battery+staple\r\n\r\n" instead of an AUTHORIZE
>> | cell, where "correct+horse+battery+staple" is a semi-plausible search
>> | phrase derived from the HMAC in some way?
> 
> Seems to me at that point we are hosed anyway. If you see
> correct+horse+battery+staple
> and the response is garbled data, not an HTTP response, it's probably
> something unusual.
> Bridge descriptors should include enough information for Tor to ensure
> that the TLS connection is safe.

What if the GET request can be anything innocuous (e.g. robots.txt,
index.html) and a valid document is sent back. But the headers include
an ETag derived in some way from the document content (or just the URL),
the shared secret and the bridge's TLS cert. If there's a MITM then the
client will compute a different ETag (due to the wrong cert) and can
close the connection. Otherwise it can immediately initiate the full
authorisation sequence.

(NB. I'm not a cryptographer; feel free to tell me where the flaw in my
logic lies)

Julian

-- 
3072D/D2DE707D Julian Yon (2011 General Use) <pgp.2011 at jry.me>
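
The ETag check suggested in the message above, sketched as an added example (not code from the post, from Proposal 189, or from Tor). The HMAC-SHA256 construction, the length-prefixed framing, the "etag-auth-v1" label and all sample values are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

def _frame(*fields: bytes) -> bytes:
    # Length-prefix every field so ("ab", "c") and ("a", "bc") cannot collide.
    return b"".join(struct.pack(">I", len(f)) + f for f in fields)

def compute_etag(shared_secret: bytes, cert_der: bytes, url: str, body: bytes) -> str:
    """ETag binding the document and URL to the TLS cert under the shared secret."""
    cert_fp = hashlib.sha256(cert_der).digest()
    body_fp = hashlib.sha256(body).digest()
    msg = _frame(b"etag-auth-v1", cert_fp, url.encode(), body_fp)  # label is hypothetical
    tag = hmac.new(shared_secret, msg, hashlib.sha256).hexdigest()
    return '"' + tag + '"'  # HTTP ETag values are quoted strings

def client_accepts(shared_secret: bytes, observed_cert_der: bytes,
                   url: str, body: bytes, etag_header: str) -> bool:
    """Recompute the tag over the cert the client actually saw in the handshake.

    In a real client observed_cert_der would come from the TLS layer, e.g.
    ssl.SSLSocket.getpeercert(binary_form=True).
    """
    expected = compute_etag(shared_secret, observed_cert_der, url, body)
    return hmac.compare_digest(expected.encode(), etag_header.encode())

# Constructed sample values, not real certificates or secrets.
SECRET = b"constructed-shared-secret"
BRIDGE_CERT = b"constructed DER bytes of the bridge certificate"
MITM_CERT = b"constructed DER bytes of an interceptor certificate"
URL = "/robots.txt"
BODY = b"User-agent: *\nDisallow:\n"

def demo():
    etag = compute_etag(SECRET, BRIDGE_CERT, URL, BODY)
    # Direct connection: client saw the bridge's cert, so the tag matches.
    direct = client_accepts(SECRET, BRIDGE_CERT, URL, BODY, etag)
    # Response relayed unchanged through an interceptor: the client saw a
    # different cert, recomputes a different tag, and closes the connection.
    relayed = client_accepts(SECRET, MITM_CERT, URL, BODY, etag)
    # Server that does not hold the shared secret cannot produce a valid tag.
    forged = compute_etag(b"wrong-secret", BRIDGE_CERT, URL, BODY)
    no_secret = client_accepts(SECRET, BRIDGE_CERT, URL, BODY, forged)
    return direct, relayed, no_secret

if __name__ == "__main__":
    print(demo())
```

The tag is deterministic for a given document, URL, cert and secret, so it only tells the client that the server holds the secret and owns the TLS endpoint; client authorisation still has to follow as a separate step, as the message says.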
