Opened 7 years ago

Closed 7 years ago

#9780 closed defect (fixed)

Reversed settings for TLS ECDHE group.

Reported by: nickm Owned by:
Priority: Medium Milestone: Tor: 0.2.4.x-final
Component: Core Tor/Tor Version:
Severity: Keywords: tor-relay ecdhe
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

According to the manpage, bridges use P256 for conformity and relays use P224 for speed. But skruffy points out that we've gotten it backwards in the code.

Child Tickets

Change History (6)

comment:1 Changed 7 years ago by nickm

Status: newneeds_review

See branch "bug9780_024" in my public repository.

comment:2 Changed 7 years ago by nickm

Or as an alternative, we could just use P256 for everybody by default.

Rationale: P256 is probably a bit more secure than P224, and the speed penalty, though unpleasant, is not crushing. Moreover, I read that it's relatively uncommon to find anybody who uses P224 in the wild, so making it our default could be an undesired distinguisher.

comment:3 Changed 7 years ago by nickm

Branch bug9780_024_v2 in my public repository takes the second approach. I like it slightly better.

comment:4 Changed 7 years ago by arma

Ok by me.

Can we rip out the P224 code, and the TLSECGroup option, entirely then?

(Also the "else if (flags & TOR_TLS_CTX_USE_ECDHE_P256)" check is now redundant yes? Though it might still be nice for code readability.)

comment:5 in reply to:  4 Changed 7 years ago by nickm

Replying to arma:

Ok by me.

Great; will merge.

Can we rip out the P224 code, and the TLSECGroup option, entirely then?

We could, but there's no harm in leaving it around IMO.

(Also the "else if (flags & TOR_TLS_CTX_USE_ECDHE_P256)" check is now redundant yes? Though it might still be nice for code readability.)

yes.

comment:6 Changed 7 years ago by nickm

Resolution: fixed
Status: needs_reviewclosed

Merged.

Note: See TracTickets for help on using tickets.