mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-09-20 13:06:20 +02:00
14 lines
716 B
Plaintext
14 lines
716 B
Plaintext
o Minor features (security):
|
|
|
|
- Check for replays of the public-key encrypted portion of an
|
|
INTRODUCE1 cell, in addition to the current check for replays of
|
|
the g^x value. This prevents a possible class of active attacks
|
|
by an attacker who controls both an introduction point and a
|
|
rendezvous point, and who uses the malleability of AES-CTR to
|
|
alter the encrypted g^x portion of the INTRODUCE1 cell. We
|
|
think that these attacks is infeasible (requiring the attacker
|
|
to send on the order of zettabytes of altered cells in a short
|
|
interval), but we'd rather block them off in case there are any
|
|
classes of this attack that we missed. Reported by dvorak.
|
|
|