Opened 2 years ago

Closed 5 weeks ago

#15426 closed enhancement (implemented)

Update ciphers.inc to match ciphers from current Firefox

Reported by: cypherpunks Owned by: nickm
Priority: High Milestone: Tor: 0.3.0.x-final
Component: Core Tor/Tor Version:
Severity: Normal Keywords: 027-triaged-1-out, nickm-deferred-20160905, tor-03-unspecified-201612
Cc: jryans@… Actual Points: .2
Parent ID: Points: 2
Reviewer: Sponsor:

Description

Firefox changed ciphersuites since we last updated ciphers.inc. We need to re-run get_mozilla_ciphers.py on the most recent stable Firefox and openssl, to generate a new ciphers.inc.

We should fix get_mozilla_ciphers if it needs it; the code may have rotted a bit.

Child Tickets

Change History (24)

comment:1 Changed 2 years ago by nickm

  • Milestone set to Tor: 0.2.7.x-final

comment:2 Changed 23 months ago by nickm

  • Keywords 027-triaged-1-out added

Marking triaged-out items from first round of 0.2.7 triage.

comment:3 Changed 23 months ago by nickm

  • Milestone changed from Tor: 0.2.7.x-final to Tor: 0.2.???

Make all non-needs_review, non-needs_revision, 027-triaged-1-out items belong to 0.2.???

comment:4 Changed 17 months ago by cypherpunks

Is anyone working on this? The little-t tor cipher suites presented are wildly different from a normal Firefox 38 ESR browser.

comment:5 Changed 17 months ago by nickm

  • Milestone changed from Tor: 0.2.??? to Tor: 0.2.7.x-final

Adding for consideration, tho it's very late in the process.

comment:6 Changed 17 months ago by nickm

  • Milestone changed from Tor: 0.2.7.x-final to Tor: 0.2.8.x-final
  • Priority changed from normal to major

Hmmm. It looks like enough changes have been made in the identifiers that openssl uses between 1.0.0 and 1.0.1 and 1.0.2 and master that we should really reconsider for 0.2.8. I get different answers for every openssl version I try.

I've updated the script to work at all.

comment:7 Changed 17 months ago by nickm

  • Severity set to Normal

Updates in branch 15426_027

comment:8 Changed 13 months ago by nickm

  • Milestone changed from Tor: 0.2.8.x-final to Tor: 0.2.9.x-final

Throw most 0.2.8 "NEW" tickets into 0.2.9. I expect that many of them will subsequently get triaged out.

comment:9 Changed 11 months ago by nickm

  • Points set to small/medium

This would be 'small' if my scripts worked on the latest ff and openssl. But I think there's some tweaking to do.

comment:10 Changed 11 months ago by nickm

  • Priority changed from High to Medium

comment:11 Changed 11 months ago by nickm

  • Owner set to nickm
  • Status changed from new to accepted

comment:12 Changed 9 months ago by nickm

  • Points changed from small/medium to 2

comment:13 Changed 6 months ago by nickm

  • Keywords nickm-deferred-20160905 added
  • Milestone changed from Tor: 0.2.9.x-final to Tor: 0.2.???

Defer some of my own tickets to 0.2.???

comment:14 Changed 4 months ago by arma

This ticket makes me wish we had a network-team developer focused on the censorship side of things: is fixing our cipher suite the most important thing we could be doing to blend in better with browsing traffic these days? Heck, is matching Firefox's signature the thing we should be doing still, or is some other browser much more popular in key locations this decade?

comment:15 Changed 4 months ago by teor

  • Milestone changed from Tor: 0.2.??? to Tor: 0.3.???

Milestone renamed

comment:16 Changed 3 months ago by nickm

  • Keywords tor-03-unspecified-201612 added
  • Milestone changed from Tor: 0.3.??? to Tor: unspecified

Finally admitting that 0.3.??? was a euphemism for Tor: unspecified all along.

comment:17 Changed 2 months ago by cypherpunks

This is now being used in places in England to block access to Tor. Can confirm Gatwick Airport uses this.

Modifying the header using for example Fiddler on Windows makes Tor network accessible again.

comment:18 Changed 2 months ago by nickm

  • Milestone changed from Tor: unspecified to Tor: 0.3.0.x-final
  • Priority changed from Medium to High

well then. how hard could it be?

comment:19 Changed 2 months ago by jryans

  • Cc jryans@… added

comment:20 Changed 2 months ago by cypherpunks

> This is now being used in places in England to block access to Tor. Can confirm Gatwick Airport uses this.
>
> Modifying the header using for example Fiddler on Windows makes Tor network accessible again.

The airport is using some DPI that periodically (every several days or weeks) gets updates from the vendor. You can't make the ciphersuites for Tor and Firefox match 100%; they use different libs, and a smart DPI vendor will use that difference for sure. So this ticket can't help you bypass censorship in any real timeline.

If you want to play censorship box vs. plain Tor, then you need to make the ciphersuites configurable by the user, and still be ready for a specific openssl fingerprint.

comment:21 Changed 5 weeks ago by nickm

  • Actual Points set to .2
  • Status changed from accepted to needs_review

That was easy enough -- see branch ciphers.inc for the client side.

For the server side, see branch server_ciphers. For that, there are a couple more ciphersuites to consider now. I've restored and re-run gen_server_ciphersuites to take those into account. For now, CCM is ranked below GCM and above CBC-SHA; Chacha is ranked below AES.

comment:22 Changed 5 weeks ago by yawning

I'm uncertain of how useful this actually is, and if we were going to match a browser's ciphersuites, matching chrome's would probably be "better" as it totally crushes firefox in terms of market share. That's probably a topic for a different discussion though.

The client branch looks ok from a "it matches Firefox" point of view, though if it were up to me, I'd move ChaCha around at runtime depending on if hardware AES is available or not.

Does OpenSSL do the right thing client side if TLS < 1.2 is negotiated, and the server picks an AEAD suite (RFC 7251 Sec. 3)?

The server branch likewise looks ok, though my comments regarding ChaCha prioritization also apply here. Nitpick: Update the MANDATORY list to remove the DES suite (Per: #19998).
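A checker for the ordering rules stated in comment 21 (CCM ranked below GCM and above CBC-SHA; ChaCha ranked below AES), for the MANDATORY-list nitpick in comment 22 (no DES suite left in), and for the "does it match the browser" comparison that review implies. This is an added example in Python, not Tor's code and not get_mozilla_ciphers.py or gen_server_ciphersuites; the two cipher lists are constructed placeholders standing in for ciphers.inc and a browser's list, not the real ones. Reading "ChaCha below AES" as "no ChaCha suite before an AES AEAD (GCM/CCM) suite" is an assumption made here.

```python
"""Ordering and content checks for an OpenSSL-style cipher list.
Added example; not Tor's own code.  Lists below are constructed."""
import re

# Constructed sample standing in for the generated client list (hypothetical order).
SAMPLE_LIST = [
    "ECDHE-ECDSA-AES128-GCM-SHA256",
    "ECDHE-RSA-AES128-GCM-SHA256",
    "ECDHE-ECDSA-AES256-GCM-SHA384",
    "ECDHE-ECDSA-AES128-CCM",
    "ECDHE-ECDSA-CHACHA20-POLY1305",
    "ECDHE-RSA-CHACHA20-POLY1305",
    "ECDHE-ECDSA-AES128-SHA",
    "ECDHE-RSA-AES256-SHA",
]

# Constructed sample standing in for what a browser offers (hypothetical order).
BROWSER_LIST = [
    "ECDHE-ECDSA-AES128-GCM-SHA256",
    "ECDHE-RSA-AES128-GCM-SHA256",
    "ECDHE-ECDSA-CHACHA20-POLY1305",
    "ECDHE-RSA-CHACHA20-POLY1305",
    "ECDHE-ECDSA-AES256-GCM-SHA384",
    "ECDHE-ECDSA-AES128-SHA",
    "ECDHE-RSA-AES256-SHA",
]

MODE_RANK = {"GCM": 0, "CCM": 1, "CBC": 2}   # preferred first


def classify(name):
    """Return (cipher, mode) for an OpenSSL suite name."""
    if "CHACHA20" in name:
        return "CHACHA20", "POLY1305"
    if re.search(r"(?:^|-)DES-", name):      # DES-CBC-SHA, DES-CBC3-SHA (3DES), ...
        return "DES", "CBC"
    if "AES" in name:
        if "-GCM-" in name:
            return "AES", "GCM"
        if "-CCM" in name:
            return "AES", "CCM"
        return "AES", "CBC"                  # AES suites with no AEAD tag are CBC+HMAC
    return "OTHER", "OTHER"


def check_mode_order(names):
    """GCM before CCM before CBC-SHA among the AES suites.
    Returns the (index, name) entries that appear later than their rank allows."""
    violations, worst_seen = [], -1
    for i, n in enumerate(names):
        cipher, mode = classify(n)
        if cipher != "AES":
            continue
        if MODE_RANK[mode] < worst_seen:
            violations.append((i, n))
        worst_seen = max(worst_seen, MODE_RANK[mode])
    return violations


def check_chacha_below_aes(names):
    """Assumed reading of 'ChaCha ranked below AES': no ChaCha20 suite may precede
    an AES AEAD (GCM/CCM) suite.  Returns the offending ChaCha entries."""
    aead_idx = [i for i, n in enumerate(names) if classify(n) in (("AES", "GCM"), ("AES", "CCM"))]
    last_aead = max(aead_idx) if aead_idx else -1
    return [(i, n) for i, n in enumerate(names)
            if classify(n)[0] == "CHACHA20" and i < last_aead]


def find_des(names):
    """The MANDATORY-list nitpick: any (3)DES suite still present."""
    return [n for n in names if classify(n)[0] == "DES"]


def compare_lists(ours, theirs):
    """What an on-path fingerprinter sees: suites offered by only one side, and
    whether the shared suites are offered in the same relative order."""
    shared_ours = [n for n in ours if n in theirs]
    shared_theirs = [n for n in theirs if n in ours]
    return {
        "only_ours": [n for n in ours if n not in theirs],
        "only_theirs": [n for n in theirs if n not in ours],
        "same_order": shared_ours == shared_theirs,
    }


if __name__ == "__main__":
    print("mode order violations:", check_mode_order(SAMPLE_LIST))
    print("chacha-before-aes:", check_chacha_below_aes(SAMPLE_LIST))
    print("DES suites:", find_des(SAMPLE_LIST))
    print("vs browser:", compare_lists(SAMPLE_LIST, BROWSER_LIST))
```

On the constructed lists the ranking checks pass and no DES suite is present, but the comparison still reports one suite the browser does not offer and a different relative order for ChaCha, which is the kind of residual difference comment 20 argues a DPI vendor can key on.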

comment:23 Changed 5 weeks ago by nickm

Created:

  • #21338 for the switch-to-the-chrome ciphers thing.
  • #21339 for the "use ChaCha when it's faster" thing.

Updated server_ciphers for the MANDATORY change and some indent fixes.

Discussed the openssl/TLS-1.2 thing on #tor-dev a little

comment:24 Changed 5 weeks ago by nickm

  • Resolution set to implemented
  • Status changed from needs_review to closed

Okay. Merging the now stuff (yawning says "deal with that stuff later" so IIUC I got review) and leaving the later stuff for later.
