nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-11-11 13:43:47 +01:00
Code Issues Packages Projects Releases Wiki Activity
50aecc68ca
tor/changes/pathsel-BUGGY-a

15 lines
801 B
Plaintext
Raw Normal View History

Mitigate a side-channel leak of which relays Tor chooses for a circuit Tor's and OpenSSL's current design guarantee that there are other leaks, but this one is likely to be more easily exploitable, and is easy to fix.
2012-06-14 19:15:54 +02:00
o Security fixes:
- Try to leak less information about what relays a client is
choosing to a side-channel attacker. Previously, a Tor client
would stop iterating through the list of available relays as
Try to clarify impact of bug 6537 I don't personally agree that this is likely to be easy to exploit, and some initial experimention I've done suggests that cache-miss times are just plain too fast to get useful info out of when they're mixed up with the rest of Tor's timing noise. Nevertheless, I'm leaving Robert's initial changelog entry in the git history so that he can be the voice of reason if I'm wrong. :)
2012-08-03 17:54:11 +02:00
soon as it had chosen one, thus finishing a little earlier
when it picked a router earlier in the list. If an attacker
can recover this timing information (nontrivial but not
proven to be impossible), they could learn some coarse-
grained information about which relays a client was picking
(middle nodes in particular are likelier to be affected than
exits). The timing attack might be mitigated by other factors
(see bug #6537 for some discussion), but it's best not to
take chances. Fixes bug 6537; bugfix on 0.0.8rc1.
Reference in New Issue Copy Permalink