#22963: Make relay integrity digests harder to guess by padding cells with random bytes
--------------------------+------------------------------------
 Reporter:  teor          |          Owner:
     Type:  defect        |         Status:  new
 Priority:  Medium        |      Milestone:  Tor: 0.3.2.x-final
Component:  Core Tor/Tor  |        Version:
 Severity:  Normal        |     Resolution:
 Keywords:  security      |  Actual Points:
Parent ID:  #22948        |         Points:
 Reviewer:                |        Sponsor:
--------------------------+------------------------------------

Comment (by teor):

 Replying to [comment:3 cypherpunks]:
 > Replying to [comment:2 teor]:
 > > we want that space to add future fields in
 > No, that's not a concern. It's easy to transmit whatever future stuff
 > may be wanted by using structure in the 'randomness', i.e. the way relays
 > currently recognize cells that are for them.

 This makes it hard to do what we did when we added IPv6 Exits, which was
 to add a field with bits:
 0: Use IPv4
 0: Don't use IPv6
 0: Prefer IPv6

 This worked because the field was zero in the old version of the cell.

 If it were random, then old clients would get a random selection of these
 options.
 And at least one option combination is non-functional on most sites (110)
 and several are either nonsensical or non-functional (1x0, x01, 00x).

 > And remember that the spec says it should be random, so other
 > implementations will have made it random.

 The spec says that padding cells should be filled with random bytes (but
 tor doesn't do this, see #22948). But it says fixed-length non-padding
 cells should be filled with zeroes after their payload. This ticket is
 about changing the non-padding cell case.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22963#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs
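
Added example (not part of the ticket and not Tor's code): a sketch of the compatibility argument in the comment above, showing what a newer parser reads from an older client's cell when the unused tail is zero-filled versus random-filled. The payload layout (a NUL-terminated address followed by a 4-byte flags word), the 498-byte payload length, the sample address and all function names are assumptions made for the illustration.

```python
import os
import struct

PAYLOAD_LEN = 498   # assumed size of the data area in a fixed-length relay cell
FLAG_BITS = 3       # the comment describes a field carrying three option bits


def zero_fill(n: int) -> bytes:
    """Tail filled with zeroes, as the comment says the spec requires."""
    return bytes(n)


def random_fill(n: int) -> bytes:
    """Tail filled with random bytes, as the ticket proposes."""
    return os.urandom(n)


def old_client_payload(addrport: bytes, fill) -> bytes:
    """Payload from a client that predates the flags field.

    It writes only the NUL-terminated address; everything after that
    comes from the padding routine passed in as `fill`.
    """
    body = addrport + b"\x00"
    return body + fill(PAYLOAD_LEN - len(body))


def parse_flags(payload: bytes) -> int:
    """Newer parser: read the 4-byte big-endian flags word after the NUL."""
    end = payload.index(b"\x00")
    (word,) = struct.unpack_from(">I", payload, end + 1)
    return word & ((1 << FLAG_BITS) - 1)


def observed_flag_values(fill, trials: int = 2000) -> set:
    """Distinct flag values a newer relay would see from old clients."""
    addr = b"example.com:443"   # constructed sample input
    return {parse_flags(old_client_payload(addr, fill)) for _ in range(trials)}


if __name__ == "__main__":
    print("zero padding  :", sorted(observed_flag_values(zero_fill)))
    print("random padding:", sorted(observed_flag_values(random_fill)))
```

With zero padding every old client is read as "no options set"; with random padding the same clients appear to request every combination of the three bits, including the non-functional ones the comment lists.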
