[tor-dev] SipHash Impact on TCP ISN skew fingerprinting

bancfc at openmailbox.org bancfc at openmailbox.org
Wed Jan 11 18:57:07 UTC 2017

SipHash a fast PRF by DJB has been adopted upstream across the Linux 
networking stack landing in 4.11. It deprecates a lot of ancient and 
broken crypto like MD5 for initial sequence number hashes.

Its my guess that that timer values added in ISNs should now be 
indistinguishable from the rest of the hashed secret outlined in 
RFC-6528.[1] Can anyone knowledgeable in reading kernel code [2] please 
confirm that this kills clock skew extraction [3] and fingerprinting [4] 
described in Steven Murdoch's papers?

Its one of the advanced attacks we've been following for some time now 
and would be good to write it off.


[1] https://tools.ietf.org/html/rfc6528

[2] http://lkml.iu.edu/hypermail/linux/kernel/1701.1/00076.html

[3] http://sec.cs.ucl.ac.uk/users/smurdoch/papers/ih05coverttcp.pdf 
(pages 7-8)

[4] http://sec.cs.ucl.ac.uk/users/smurdoch/papers/ccs06hotornot.pdf

More information about the tor-dev mailing list