#24366: compare_vote_rs() could check more fields for better SHA1 collision resistance -------------------------------------------------+------------------------- Reporter: teor | Owner: (none) Type: defect | Status: new Priority: Medium | Milestone: Tor: | 0.3.3.x-final Component: Core Tor/Tor | Version: Severity: Normal | Resolution: Keywords: tor-dirauth, possible-consensus- | Actual Points: failure, needs-proposal | Parent ID: | Points: 2 Reviewer: | Sponsor: -------------------------------------------------+------------------------- Changes (by teor):
* keywords: tor-dirauth, possible-consensus-failure, needs-proposal? => tor-dirauth, possible-consensus-failure, needs-proposal Comment: The votes already include a better hash of the microdescriptor, but that's probably not enough. (And they contain *multiple* microdesc hashes.) So yes, I think the right thing to do is to: * add a sha-best (are we at SHA3-256 now?) descriptor hash to votes * define a new consensus method * when using that new consensus method, use this hash as the tie-breaker I think this lets us remove all the other tie-breaker fields. Maybe we could just get away with comparing the sha3-256 hash, but let's stick with the existing two hashes, and the sha3, so we don't accidentally *reduce* security. -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/24366#comment:3> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs