[tor-relays] OpenSSL Padding oracle in AES-NI CBC MAC check (CVE-2016-2107)

isis isis at torproject.org
Wed May 4 20:47:51 UTC 2016


Dhalgren Tor transcribed 0.4K bytes:
> https://www.openssl.org/news/secadv/20160503.txt
> 
> In general I understand that padding oracle attacks are principally a
> hazard for browser communications.  Am assuming that updating OpenSSL
> for this fix is not an urgent priority for a Tor Relay.
> 
> If anyone knows different please comment.

Hello,

First, I am not a real cryptographer.

However, the bug requires a client to resend the same plaintext data several
times.  In this case, for Tor, the underlying "plaintext" data is actually a
Tor cell, encrypted at the circuit layer.  We do not resend cells once a TLS
connection breaks down (which it will, if this bug is triggered).  Hence the
bug cannot be triggered in Tor's case, since we do not resend the underlying
data.

Hope that explains clearly.  Please feel free to ask questions if it
doesn't. :)

Best Regards,
-- 
 ♥Ⓐ isis agora lovecruft
_________________________________________________________
OpenPGP: 4096R/0A6A58A14B5946ABDE18E207A3ADB67A2CDB8B35
Current Keys: https://fyb.patternsinthevoid.net/isis.txt