[tor-bugs] #9767 [Tor]: Implement proposal 222: Eliminate client timestamps in Tor

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Sep 20 05:44:43 UTC 2013


#9767: Implement proposal 222: Eliminate client timestamps in Tor
-------------------------+-------------------------------------------------
     Reporter:  nickm    |      Owner:
         Type:  defect   |     Status:  needs_review
     Priority:  major    |  Milestone:  Tor: 0.2.4.x-final
    Component:  Tor      |    Version:
   Resolution:           |   Keywords:  tor-client fingerprinting time
Actual Points:           |  prop222
       Points:           |  Parent ID:
-------------------------+-------------------------------------------------

Comment (by andrea):

 Replying to [comment:10 nickm]:
 > Replying to [comment:7 andrea]:
 > > Further thought on TLS/SSL timestamps: if NSA can MITM the connection
 > > and forge a server certificate with an expiration date of their choice,
 > > and the client strictly tests the expiration date against the local clock,
 > > then whether the client continues the handshake also leaks information
 > > about clock skew.  The client is probably fucked regardless in that case,
 > > but in the NAT/mobile client scenario under discussion it is a capability
 > > beyond just what the MITM alone would give them.
 >
 > Sure; for this patch, I'm not hypothesizing a fast cheap
 > RSA1024-breaker, but a simple time-recorder.  We should defend against the
 > former too (see proposal 220), but the latter is easier to exploit, and
 > simpler to fix, I think?

 Yeah, I think so too - still need to read proposal 220.  I was just musing
 on whether we really need to actually check the expiration date on the
 relay's server certificate I guess.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/9767#comment:13>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

