Opened 5 years ago

Closed 19 months ago

#10583 closed defect (wontfix)

connection_bucket_write_limit reveals used link protocol

Reported by: cypherpunks Owned by:
Priority: Medium Milestone: Tor: unspecified
Component: Core Tor/Tor Version:
Severity: Normal Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Plain text of TLS record can't be more than 16384 bytes. Tor before v4 link protocol used 512 bytes cells. connection_bucket_write_limit allows to flush not more than 32 cells. That was 16K limit exactly. With v4 size of cells changed, now it's 514 bytes, and connection_bucket_write_limit allows to flush 32 cells still that in result more than 16Kbytes. Passive adversary can to detect used protocol, and openssl can to create two records per one flush while second record contains not so much actual bytes.

Child Tickets

Change History (4)

comment:1 Changed 5 years ago by cypherpunks

Summary: connection_bucket_write_limit reveals used link protocol and adds extra overheadconnection_bucket_write_limit reveals used link protocol

Tor flushes from chunks that is 4096 bytes by default with all service headers. Overhead existed before v4 and depends buffer structure mostly.

comment:2 Changed 5 years ago by cypherpunks

This is not only about high limit, if no limit triggered then flushed all buffer. Like happens for 1 cell. Passive adversary no need to wait when peers reaches limit of record length, link protocol reveals on first non var cell that sends first.

comment:3 Changed 5 years ago by nickm

Milestone: Tor: unspecified
Priority: majornormal

I'm not seeing an way way to solve this other than link padding. Is hiding the link protocol important enough that we should consider link padding?

comment:4 Changed 19 months ago by nickm

Resolution: wontfix
Severity: Normal
Status: newclosed
Note: See TracTickets for help on using tickets.