[tor-dev] Proposal 222: Stop sending client timestamps

George Kadianakis desnacked at riseup.net
Thu Aug 22 16:33:02 UTC 2013

Nick Mathewson <nickm at torproject.org> writes:

> Filename: 222-remove-client-timestamps.txt
> Title: Stop sending client timestamps
> Authors: Nick Mathewson
> Created: 22 August 2013
> Target: 0.2.5.x
> Status: Open
>
> 0. Summary
>
>    There are a few places in Tor where clients and servers send
>    timestamps.  I list them and discuss how to eliminate them.
>
> 1. Introduction
>
>    Despite this late date, many hosts aren't running NTP and
>
> <snipage>
>
>    field, so this change should be safe.
>
> 2.2. AUTHENTICATE (server)
>
>    The AUTHENTICATE cell is not ordinarily sent by clients. It
>    contains an 8-byte timestamp and a 16-byte random value.
>
>    Instead, let's replace both with a 24-byte (truncated) HMAC of
>    the current time, using a random key.
>
>    This will achieve the goal of including a timestamp in the
>    cell (preventing replays even in the presence of bad entropy),
>    while at the same time not including the time here.

Hey Nick,

how does the client verify the contents of the AUTHENTICATE cell
(including the timestamp), if the timestamp is encrypted with a random

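The substitution quoted in section 2.2, sketched as an added example that is not part of this thread or of Tor's code: the old 8-byte timestamp plus 16-byte random value beside the proposed 24-byte truncated HMAC of the current time. HMAC-SHA256, the 32-byte key, the big-endian seconds encoding and all function names are assumptions; the quoted text fixes only the field sizes.

```python
import hashlib
import hmac
import os
import struct
import time

FIELD_LEN = 24  # 8-byte timestamp + 16-byte random value in the old layout


def legacy_field(now: int, rng=os.urandom) -> bytes:
    """Old layout: 8-byte timestamp followed by a 16-byte random value."""
    return struct.pack(">Q", now) + rng(16)


def proposed_field(now: int, rng=os.urandom) -> bytes:
    """Proposed layout: HMAC of the current time under a random key,
    truncated to the same 24 bytes, so the cell size does not change."""
    key = rng(32)  # assumed key length
    mac = hmac.new(key, struct.pack(">Q", now), hashlib.sha256).digest()
    return mac[:FIELD_LEN]


def leading_u64(field: bytes) -> int:
    """What an observer reads if it parses the first 8 bytes as a timestamp."""
    return struct.unpack(">Q", field[:8])[0]


def broken_rng(n: int) -> bytes:
    """Constructed worst case for 'bad entropy': always returns zero bytes."""
    return bytes(n)


if __name__ == "__main__":
    now = int(time.time())
    old, new = legacy_field(now), proposed_field(now)
    print("legacy field leaks clock:", leading_u64(old) == now)
    print("proposed field leaks clock:", leading_u64(new) == now)
    # With a broken RNG the key repeats, but the time input still moves the output.
    a = proposed_field(now, broken_rng)
    b = proposed_field(now + 1, broken_rng)
    print("distinct across seconds with broken RNG:", a != b)
```
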