[tor-bugs] #26871 [Core Tor/Tor]: prop289: randomize the unused part of relay payloads
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Jul 19 05:24:10 UTC 2018
#26871: prop289: randomize the unused part of relay payloads
-------------------------------------------------+-------------------------
Reporter: teor | Owner: dgoulet
Type: enhancement | Status:
| assigned
Priority: Medium | Milestone: Tor:
| 0.3.5.x-final
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: prop289, 035-roadmap-master, 035 | Actual Points:
-triaged-in-20180711 |
Parent ID: #26288 | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by teor):
I hope our PRNG is cheap.
Here's an attack on exits with expensive PRNGs:
* make a client you control connect to a site you control
* feed the exit one byte at a time
The exit then creates ~500 bytes of random padding per byte sent by the
remote site.
(This would be a devastating attack if we used /dev/random directly, on an
OS that thinks entropy is subtractive, like Linux.)
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/26871#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list