Home Explore Help
Sign In
piros
/
tor
3
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: f694a443fc
Branches Tags
tor
/
changes
/
bug11743

bug11743 883 B
History Raw

12345678910111213141516 
  1.   o Major security fixes (directory authorities):
    2. 

  2. 

  3.     - Directory authorities now include a digest of each relay's
    4. 

  4.       identity key as a part of its microdescriptor.
    5. 

  5. 

  6.       This is a workaround for bug #11743 (reported by "cypherpunks"),
    7. 

  7.       where Tor clients do not
    8. 

  8.       support receiving multiple microdescriptors with the same SHA256
    9. 

  9.       digest in the same consensus. When clients receive a consensus
    10. 

  10.       like this, they only use one of the relays. Without this fix, a
    11. 

  11.       hostile relay could selectively disable some client use of target
    12. 

  12.       relays by constucting a router descriptor with a different
    13. 

  13.       identity and the same microdescriptor parameters and getting the
    14. 

  14.       authorities to list it in a microdescriptor consensus. This fix
    15. 

  15.       prevents an attacker from causing a microdescriptor collision,
    16. 

  16.       because the router's identity is not forgeable.
    17.