Opened 20 months ago

Last modified 3 weeks ago

#25574 new defect

Eliminate "silent-drop" side channels in Tor protocol — at Initial Version

Reported by: mikeperry
Owned by:
Priority: Medium
Milestone: Tor: unspecified
Component: Core Tor/Tor
Version:
Severity: Normal
Keywords: guard-discovery-stats
Cc: dmr
Actual Points:
Parent ID:
Points:
Reviewer:
Sponsor:

Description

https://tools.ietf.org/html/draft-thomson-postel-was-wrong-00

There are lots of ways to inject data into Tor streams, and this is a vector of attack for guard discovery and confirmation: https://petsymposium.org/2018/files/papers/issue2/popets-2018-0011.pdf

I have a branch that tries to eliminate a pile of these from a while ago, but it has lots of false positives due to the common occurrence of invalid stream IDs in practice (see #25573). https://gitweb.torproject.org/mikeperry/tor.git/log/?h=timing_sidechannel_fix-squashed1

I think we may want to do #25573 before trying to merge that branch.

Child Tickets

Ticket | Status | Owner | Summary | Component
#25573 | closed | | Track half-closed stream IDs | Core Tor/Tor

Change History (0)
