Re: [tor-bugs] #26846 [Core Tor/Tor]: prop289: Leave unused random bytes in relay cell payload

[Tor Bug Tracker & Wiki]

#26846: prop289: Leave unused random bytes in relay cell payload
-+-
 Reporter:  dgoulet  |  Owner:  nickm
 Type:  enhancement  | Status:  closed
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:  fixed
 Keywords:  prop289, 035-roadmap-subtask,|  Actual Points:  .3
  prop289-assigned-sponsor-v, 041-proposed-on-   |
  roadmap, security, 041-should, postfreeze-ok,  |
  asn-merge  |
Parent ID:  #26288   | Points:
 Reviewer:  dgoulet  |Sponsor:
 |  SponsorV
-+-
Changes (by asn):

 * status:  merge_ready => closed
 * resolution:   => fixed


Comment:

 Merged.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26846 [Core Tor/Tor]: prop289: Leave unused random bytes in relay cell payload

[Tor Bug Tracker & Wiki]

#26846: prop289: Leave unused random bytes in relay cell payload
-+-
 Reporter:  dgoulet  |  Owner:  nickm
 Type:  enhancement  | Status:
 |  merge_ready
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  prop289, 035-roadmap-subtask,|  Actual Points:  .3
  prop289-assigned-sponsor-v, 041-proposed-on-   |
  roadmap, security, 041-should, postfreeze-ok,  |
  asn-merge  |
Parent ID:  #26288   | Points:
 Reviewer:  dgoulet  |Sponsor:
 |  SponsorV
-+-
Changes (by dgoulet):

 * status:  needs_review => merge_ready


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26846 [Core Tor/Tor]: prop289: Leave unused random bytes in relay cell payload

[Tor Bug Tracker & Wiki]

#26846: prop289: Leave unused random bytes in relay cell payload
-+-
 Reporter:  dgoulet  |  Owner:  nickm
 Type:  enhancement  | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  prop289, 035-roadmap-subtask,|  Actual Points:  .3
  prop289-assigned-sponsor-v, 041-proposed-on-   |
  roadmap, security, 041-should, postfreeze-ok,  |
  asn-merge  |
Parent ID:  #26288   | Points:
 Reviewer:  dgoulet  |Sponsor:
 |  SponsorV
-+-
Changes (by dgoulet):

 * keywords:
 prop289, 035-roadmap-subtask, prop289-assigned-sponsor-v, 041
 -proposed-on-roadmap, security, 041-should, postfreeze-ok
 =>
 prop289, 035-roadmap-subtask, prop289-assigned-sponsor-v, 041
 -proposed-on-roadmap, security, 041-should, postfreeze-ok, asn-merge


Comment:

 ACK.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26846 [Core Tor/Tor]: prop289: Leave unused random bytes in relay cell payload

[Tor Bug Tracker & Wiki]

#26846: prop289: Leave unused random bytes in relay cell payload
-+-
 Reporter:  dgoulet  |  Owner:  nickm
 Type:  enhancement  | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  prop289, 035-roadmap-subtask,|  Actual Points:  .3
  prop289-assigned-sponsor-v, 041-proposed-on-   |
  roadmap, security, 041-should, postfreeze-ok   |
Parent ID:  #26288   | Points:
 Reviewer:  dgoulet  |Sponsor:
 |  SponsorV
-+-
Changes (by nickm):

 * status:  needs_revision => needs_review


Comment:

 Done; back to needs_review.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26846 [Core Tor/Tor]: prop289: Leave unused random bytes in relay cell payload

[Tor Bug Tracker & Wiki]

#26846: prop289: Leave unused random bytes in relay cell payload
-+-
 Reporter:  dgoulet  |  Owner:  nickm
 Type:  enhancement  | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  prop289, 035-roadmap-subtask,|  Actual Points:  .3
  prop289-assigned-sponsor-v, 041-proposed-on-   |
  roadmap, security, 041-should, postfreeze-ok   |
Parent ID:  #26288   | Points:
 Reviewer:  dgoulet  |Sponsor:
 |  SponsorV
-+-

Comment (by nickm):

 Okay, I'm fine with CIRCWINDOW_INCREMENT.  I'll make that change.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26846 [Core Tor/Tor]: prop289: Leave unused random bytes in relay cell payload

[Tor Bug Tracker & Wiki]

#26846: prop289: Leave unused random bytes in relay cell payload
-+-
 Reporter:  dgoulet  |  Owner:  nickm
 Type:  enhancement  | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  prop289, 035-roadmap-subtask,|  Actual Points:  .3
  prop289-assigned-sponsor-v, 041-proposed-on-   |
  roadmap, security, 041-should, postfreeze-ok   |
Parent ID:  #26288   | Points:
 Reviewer:  dgoulet  |Sponsor:
 |  SponsorV
-+-
Changes (by dgoulet):

 * status:  needs_review => needs_revision


Comment:

 Left a response about `CIRCWINDOW_INCREMENT` which I think it is a good
 idea.

 Rest if lgtm;

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26846 [Core Tor/Tor]: prop289: Leave unused random bytes in relay cell payload

[Tor Bug Tracker & Wiki]

#26846: prop289: Leave unused random bytes in relay cell payload
-+-
 Reporter:  dgoulet  |  Owner:  nickm
 Type:  enhancement  | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  prop289, 035-roadmap-subtask,|  Actual Points:  .3
  prop289-assigned-sponsor-v, 041-proposed-on-   |
  roadmap, security, 041-should, postfreeze-ok   |
Parent ID:  #26288   | Points:
 Reviewer:  dgoulet  |Sponsor:
 |  SponsorV
-+-
Changes (by nickm):

 * status:  needs_information => needs_review


Comment:

 I've tried to answer those; please let me know what you think.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26846 [Core Tor/Tor]: prop289: Leave unused random bytes in relay cell payload

[Tor Bug Tracker & Wiki]

#26846: prop289: Leave unused random bytes in relay cell payload
-+-
 Reporter:  dgoulet  |  Owner:  nickm
 Type:  enhancement  | Status:
 |  needs_information
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  prop289, 035-roadmap-subtask,|  Actual Points:  .3
  prop289-assigned-sponsor-v, 041-proposed-on-   |
  roadmap, security, 041-should, postfreeze-ok   |
Parent ID:  #26288   | Points:
 Reviewer:  dgoulet  |Sponsor:
 |  SponsorV
-+-
Changes (by dgoulet):

 * status:  needs_revision => needs_information
 * reviewer:   => dgoulet


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26846 [Core Tor/Tor]: prop289: Leave unused random bytes in relay cell payload

[Tor Bug Tracker & Wiki]

#26846: prop289: Leave unused random bytes in relay cell payload
-+-
 Reporter:  dgoulet  |  Owner:  nickm
 Type:  enhancement  | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  prop289, 035-roadmap-subtask,|  Actual Points:  .3
  prop289-assigned-sponsor-v, 041-proposed-on-   |
  roadmap, security, 041-should, postfreeze-ok   |
Parent ID:  #26288   | Points:
 Reviewer:   |Sponsor:
 |  SponsorV
-+-
Changes (by dgoulet):

 * status:  needs_review => needs_revision


Comment:

 Couple questions on the PR.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26846 [Core Tor/Tor]: prop289: Leave unused random bytes in relay cell payload

[Tor Bug Tracker & Wiki]

#26846: prop289: Leave unused random bytes in relay cell payload
-+-
 Reporter:  dgoulet  |  Owner:  nickm
 Type:  enhancement  | Status:
 |  needs_review
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  prop289, 035-roadmap-subtask,|  Actual Points:  .3
  prop289-assigned-sponsor-v, 041-proposed-on-   |
  roadmap, security, 041-should, postfreeze-ok   |
Parent ID:  #26288   | Points:
 Reviewer:   |Sponsor:
 |  SponsorV
-+-
Changes (by nickm):

 * status:  needs_revision => needs_review
 * actualpoints:  .1 => .3


Comment:

 Okay, I've force-pushed a new #26846, with a PR at
 https://github.com/torproject/tor/pull/1043

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26846 [Core Tor/Tor]: prop289: Leave unused random bytes in relay cell payload

[Tor Bug Tracker & Wiki]

#26846: prop289: Leave unused random bytes in relay cell payload
-+-
 Reporter:  dgoulet  |  Owner:  nickm
 Type:  enhancement  | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  prop289, 035-roadmap-subtask,|  Actual Points:  .1
  prop289-assigned-sponsor-v, 041-proposed-on-   |
  roadmap, security, 041-should, postfreeze-ok   |
Parent ID:  #26288   | Points:
 Reviewer:   |Sponsor:
 |  SponsorV
-+-
Changes (by nickm):

 * keywords:
 prop289, 035-roadmap-subtask, prop289-assigned-sponsor-v, 041
 -proposed-on-roadmap, 0411-alpha, security, 041-should, postfreeze-ok
 =>
 prop289, 035-roadmap-subtask, prop289-assigned-sponsor-v, 041
 -proposed-on-roadmap, security, 041-should, postfreeze-ok


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26846 [Core Tor/Tor]: prop289: Leave unused random bytes in relay cell payload

[Tor Bug Tracker & Wiki]

#26846: prop289: Leave unused random bytes in relay cell payload
-+-
 Reporter:  dgoulet  |  Owner:  nickm
 Type:  enhancement  | Status:
 |  needs_revision
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  prop289, 035-roadmap-subtask,|  Actual Points:  .1
  prop289-assigned-sponsor-v, 041-proposed-on-   |
  roadmap, 0411-alpha, security, 041-should, |
  postfreeze-ok  |
Parent ID:  #26288   | Points:
 Reviewer:   |Sponsor:
 |  SponsorV
-+-
Changes (by nickm):

 * status:  accepted => needs_revision


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26846 [Core Tor/Tor]: prop289: Leave unused random bytes in relay cell payload

[Tor Bug Tracker & Wiki]

#26846: prop289: Leave unused random bytes in relay cell payload
-+-
 Reporter:  dgoulet  |  Owner:  nickm
 Type:  enhancement  | Status:
 |  accepted
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  prop289, 035-roadmap-subtask,|  Actual Points:  .1
  prop289-assigned-sponsor-v, 041-proposed-on-   |
  roadmap, 0411-alpha, security, 041-should, |
  postfreeze-ok  |
Parent ID:  #26288   | Points:
 Reviewer:   |Sponsor:
 |  SponsorV
-+-

Comment (by arma):

 Looks reasonable! Sad to use so much more code and per-circuit state but,
 everything seems to involve adding more and more code and state these
 days. :)

 Cleaning up with attention to detail seems smart, e.g. in the commit
 message it says 28646, which is a different ticket.

 One little nit: connection_edge_get_inbuf_bytes_to_package() in this
 branch returns 0 if !package_partial and n_available < RELAY_PAYLOAD_SIZE,
 even if we were planning to send a shorter payload and n_available is
 enough to send it. Not the end of the world I guess, but kind of weird,
 and avoided in my earlier branch. Could be fixed with a bit of gymnastics
 (like "reduce length at the top of the function but don't actually commit
 to changing state until later in the function").

 I also spent a while trying to convince myself that there aren't
 situations where connection_edge_get_inbuf_bytes_to_package() can return 0
 in this branch yet we changed the state. Would probably be smart to
 clearly delineate, in that function, the point at which we've committed to
 send a cell. (I think it is right after the final opportunity to "return
 0;".)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26846 [Core Tor/Tor]: prop289: Leave unused random bytes in relay cell payload

[Tor Bug Tracker & Wiki]

#26846: prop289: Leave unused random bytes in relay cell payload
-+-
 Reporter:  dgoulet  |  Owner:  nickm
 Type:  enhancement  | Status:
 |  accepted
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  prop289, 035-roadmap-subtask,|  Actual Points:  .1
  prop289-assigned-sponsor-v, 041-proposed-on-   |
  roadmap, 0411-alpha, security, 041-should, |
  postfreeze-ok  |
Parent ID:  #26288   | Points:
 Reviewer:   |Sponsor:
 |  SponsorV
-+-
Changes (by nickm):

 * actualpoints:   => .1


Comment:

 I've done a draft here in a branch called `ticket26846`.  What do you
 think of this approach, Roger?  If you like the general idea, I'll clean
 it up a little more and add some tests.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26846 [Core Tor/Tor]: prop289: Leave unused random bytes in relay cell payload

[Tor Bug Tracker & Wiki]

#26846: prop289: Leave unused random bytes in relay cell payload
-+-
 Reporter:  dgoulet  |  Owner:  nickm
 Type:  enhancement  | Status:
 |  accepted
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  prop289, 035-roadmap-subtask,|  Actual Points:
  prop289-assigned-sponsor-v, 041-proposed-on-   |
  roadmap, 0411-alpha, security, 041-should, |
  postfreeze-ok  |
Parent ID:  #26288   | Points:
 Reviewer:   |Sponsor:
 |  SponsorV
-+-
Changes (by nickm):

 * owner:  dgoulet => nickm
 * status:  new => accepted


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26846 [Core Tor/Tor]: prop289: Leave unused random bytes in relay cell payload

[Tor Bug Tracker & Wiki]

#26846: prop289: Leave unused random bytes in relay cell payload
-+-
 Reporter:  dgoulet  |  Owner:  dgoulet
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  prop289, 035-roadmap-subtask,|  Actual Points:
  prop289-assigned-sponsor-v, 041-proposed-on-   |
  roadmap, 0411-alpha, security 041-should   |
Parent ID:  #26288   | Points:
 Reviewer:   |Sponsor:
 |  SponsorV
-+-

Comment (by arma):

 Replying to [comment:18 nickm]:
 > dgoulet, I'm happy to do this if you'd like.

 If you base it on my branch above, which I think is still plausible since
 it's so simple, be sure to note that dgoulet stuck a "don't mess with the
 first 4 unused bytes" rule in there, so we'd need to open up at least 5.

 Another option, which is less hacky (less probabilistic) but would require
 more code and more state, would be to have a counter (on each circuit) of
 how many full cells we've sent, and if we ever send a non-full cell then
 reset it, and if it ever reaches 1000, make some space in that cell.

 And as a final note, it's not actually required (from a technical
 coordination perspective) that we get this feature in to this release,
 since we could in theory add this "make some space" logic in a future Tor,
 and that would be the Tor that finishes doing prop289 properly. But "why
 not now, it's not that big" is a solid reason for doing it now too.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26846 [Core Tor/Tor]: prop289: Leave unused random bytes in relay cell payload

[Tor Bug Tracker & Wiki]

#26846: prop289: Leave unused random bytes in relay cell payload
-+-
 Reporter:  dgoulet  |  Owner:  dgoulet
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  prop289, 035-roadmap-subtask,|  Actual Points:
  prop289-assigned-sponsor-v, 041-proposed-on-   |
  roadmap, 0411-alpha, security 041-should   |
Parent ID:  #26288   | Points:
 Reviewer:   |Sponsor:
 |  SponsorV
-+-

Comment (by arma):

 Replying to [comment:17 nickm]:
 > Replying to [comment:16 nickm]:
 > > Possibly foolish question: won't the sendme cells themselves have
 enough empty space?
 >
 > Ah, never mind.  The sendme cells that are guaranteed to get sent in
 this case aren't going in the right direction.

 Not only that, but sendmes don't count in the circuit digest -- they are
 control cells, not relay data cells.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26846 [Core Tor/Tor]: prop289: Leave unused random bytes in relay cell payload

[Tor Bug Tracker & Wiki]

#26846: prop289: Leave unused random bytes in relay cell payload
-+-
 Reporter:  dgoulet  |  Owner:  dgoulet
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  prop289, 035-roadmap-subtask,|  Actual Points:
  prop289-assigned-sponsor-v, 041-proposed-on-   |
  roadmap, 0411-alpha, security 041-should   |
Parent ID:  #26288   | Points:
 Reviewer:   |Sponsor:
 |  SponsorV
-+-
Changes (by nickm):

 * keywords:
 prop289, 035-roadmap-subtask, prop289-assigned-sponsor-v, 041
 -proposed-on-roadmap, 0411-alpha, security
 =>
 prop289, 035-roadmap-subtask, prop289-assigned-sponsor-v, 041
 -proposed-on-roadmap, 0411-alpha, security 041-should


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26846 [Core Tor/Tor]: prop289: Leave unused random bytes in relay cell payload

[Tor Bug Tracker & Wiki]

#26846: prop289: Leave unused random bytes in relay cell payload
-+-
 Reporter:  dgoulet  |  Owner:  dgoulet
 Type:  enhancement  | Status:  new
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  prop289, 035-roadmap-subtask,|  Actual Points:
  prop289-assigned-sponsor-v, 041-proposed-on-   |
  roadmap, 0411-alpha, security  |
Parent ID:  #26288   | Points:
 Reviewer:   |Sponsor:
 |  SponsorV
-+-
Changes (by nickm):

 * status:  reopened => new


Comment:

 dgoulet, I'm happy to do this if you'd like.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26846 [Core Tor/Tor]: prop289: Leave unused random bytes in relay cell payload

[Tor Bug Tracker & Wiki]

#26846: prop289: Leave unused random bytes in relay cell payload
-+-
 Reporter:  dgoulet  |  Owner:  dgoulet
 Type:  enhancement  | Status:
 |  reopened
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  prop289, 035-roadmap-subtask,|  Actual Points:
  prop289-assigned-sponsor-v, 041-proposed-on-   |
  roadmap, 0411-alpha, security  |
Parent ID:  #26288   | Points:
 Reviewer:   |Sponsor:
 |  SponsorV
-+-

Comment (by nickm):

 Replying to [comment:16 nickm]:
 > Possibly foolish question: won't the sendme cells themselves have enough
 empty space?

 Ah, never mind.  The sendme cells that are guaranteed to get sent in this
 case aren't going in the right direction.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26846 [Core Tor/Tor]: prop289: Leave unused random bytes in relay cell payload

[Tor Bug Tracker & Wiki]

#26846: prop289: Leave unused random bytes in relay cell payload
-+-
 Reporter:  dgoulet  |  Owner:  dgoulet
 Type:  enhancement  | Status:
 |  reopened
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  prop289, 035-roadmap-subtask,|  Actual Points:
  prop289-assigned-sponsor-v, 041-proposed-on-   |
  roadmap, 0411-alpha, security  |
Parent ID:  #26288   | Points:
 Reviewer:   |Sponsor:
 |  SponsorV
-+-

Comment (by nickm):

 Possibly foolish question: won't the sendme cells themselves have enough
 empty space?

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26846 [Core Tor/Tor]: prop289: Leave unused random bytes in relay cell payload

[Tor Bug Tracker & Wiki]

#26846: prop289: Leave unused random bytes in relay cell payload
-+-
 Reporter:  dgoulet  |  Owner:  dgoulet
 Type:  enhancement  | Status:
 |  reopened
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  prop289, 035-roadmap-subtask,|  Actual Points:
  prop289-assigned-sponsor-v, 041-proposed-on-   |
  roadmap, 0411-alpha, security  |
Parent ID:  #26288   | Points:
 Reviewer:   |Sponsor:
 |  SponsorV
-+-

Comment (by arma):

 We reopened this ticket because it was never done.

 The current code in master will fill unused bytes with randomness, but it
 will never introduce any extra unused bytes in cells. So if cells are
 always full, there will be no randomness, which will make the entire flow
 predictable to somebody who already knows what bytes they'll be receiving
 from the other side.

 We need some feature, like the one in my branch from comment:3, that
 sometimes leaves a bit of space in cells.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26846 [Core Tor/Tor]: prop289: Leave unused random bytes in relay cell payload

[Tor Bug Tracker & Wiki]

#26846: prop289: Leave unused random bytes in relay cell payload
-+-
 Reporter:  dgoulet  |  Owner:  dgoulet
 Type:  enhancement  | Status:
 |  reopened
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  prop289, 035-roadmap-subtask,|  Actual Points:
  prop289-assigned-sponsor-v, 041-proposed-on-   |
  roadmap, 0411-alpha|
Parent ID:  #26288   | Points:
 Reviewer:   |Sponsor:
 |  SponsorV
-+-
Changes (by nickm):

 * keywords:
 prop289, 035-roadmap-subtask, prop289-assigned-sponsor-v, 041
 -proposed-on-roadmap
 =>
 prop289, 035-roadmap-subtask, prop289-assigned-sponsor-v, 041
 -proposed-on-roadmap, 0411-alpha


Comment:

 (why is this reopened?)

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26846 [Core Tor/Tor]: prop289: Leave unused random bytes in relay cell payload

[Tor Bug Tracker & Wiki]

#26846: prop289: Leave unused random bytes in relay cell payload
-+-
 Reporter:  dgoulet  |  Owner:  dgoulet
 Type:  enhancement  | Status:
 |  reopened
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  prop289, 035-roadmap-subtask,|  Actual Points:
  prop289-assigned-sponsor-v, 041-proposed-on-   |
  roadmap|
Parent ID:  #26288   | Points:
 Reviewer:   |Sponsor:
 |  SponsorV
-+-
Changes (by dgoulet):

 * status:  closed => reopened
 * resolution:  implemented =>


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26846 [Core Tor/Tor]: prop289: Leave unused random bytes in relay cell payload

[Tor Bug Tracker & Wiki]

#26846: prop289: Leave unused random bytes in relay cell payload
-+-
 Reporter:  dgoulet  |  Owner:  dgoulet
 Type:  enhancement  | Status:  closed
 Priority:  Medium   |  Milestone:  Tor:
 |  0.4.1.x-final
Component:  Core Tor/Tor |Version:
 Severity:  Normal   | Resolution:
 Keywords:  prop289, 035-roadmap-subtask,|  implemented
  prop289-assigned-sponsor-v, 041-proposed-on-   |  Actual Points:
  roadmap|
Parent ID:  #26288   | Points:
 Reviewer:   |Sponsor:
 |  SponsorV
-+-
Changes (by nickm):

 * status:  assigned => closed
 * resolution:   => implemented


Comment:

 Done as part of parent.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26846 [Core Tor/Tor]: prop289: Leave unused random bytes in relay cell payload

[Tor Bug Tracker & Wiki]

#26846: prop289: Leave unused random bytes in relay cell payload
--+
 Reporter:  dgoulet   |  Owner:  dgoulet
 Type:  enhancement   | Status:  assigned
 Priority:  Medium|  Milestone:  Tor:
  |  0.3.5.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  prop289, 035-roadmap-subtask  |  Actual Points:
Parent ID:  #26288| Points:
 Reviewer:|Sponsor:  SponsorV
--+

Comment (by teor):

 Replying to [comment:4 arma]:
 > I think this logic argues for another subticket on #26288: "randomize
 the unused part of relay payloads".

 See #26871.

 Integers are cheap, so let's open tickets rather than risk forgetting
 important tasks.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26846 [Core Tor/Tor]: prop289: Leave unused random bytes in relay cell payload

[Tor Bug Tracker & Wiki]

#26846: prop289: Leave unused random bytes in relay cell payload
--+
 Reporter:  dgoulet   |  Owner:  dgoulet
 Type:  enhancement   | Status:  assigned
 Priority:  Medium|  Milestone:  Tor:
  |  0.3.5.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  prop289, 035-roadmap-subtask  |  Actual Points:
Parent ID:  #26288| Points:
 Reviewer:|Sponsor:  SponsorV
--+

Comment (by arma):

 Replying to [comment:3 arma]:
 > and somebody should check my logic but I think a rare but unpredictably
 short payload with a zero is enough to accomplish our goal here -- that
 is, we don't actually need a random byte, we just need to have it be
 unpredictable when the 0 will appear.

 Ok, I have two counterexamples that make me resume thinking we need the
 unused portion of the payload to be random. The first counterexample is
 sort of ugly and it's unclear how practical it is as an attack, but the
 second counterexample is elegant and simple.

 The first one is: what if the source of bytes at the destination side
 sends bytes out 400 at a time? Then we would always package them up 400 at
 a time, and we would never trigger the "decrement the length" function,
 because we would always only have partially full payloads anyway. Now,
 this isn't *so* bad for two reasons. One is that if you wanted to be sure
 to separate your 400 byte chunks so they go in different cells, you're
 really slowed down on the rate you can generate new cells. And the other
 related reason is that maybe the exit will package them in a different way
 than you expect, like 200 at a time every so often, or it will clump
 together two of your 400's sometimes, or etc. But still, I think this
 attack could work 'sometimes', and that is worrisome. It would be fixed by
 making the unused portion of the relay data cell payload random.

 And the second attack is: what if the destination is sending a stream of 0
 bytes? Then our payloads consist of NUL bytes, and every so often we make
 a short payload and put a NUL at the end. And our security relies on the
 attacker not being able to guess which bytes will be padding ("0") and
 which ones will be in-use-payload (also "0"). Oops. This attack would also
 be fixed by making the unused portion of the relay data cell payload
 random.

 I think this logic argues for another subticket on #26288: "randomize the
 unused part of relay payloads".

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26846 [Core Tor/Tor]: prop289: Leave unused random bytes in relay cell payload

[Tor Bug Tracker & Wiki]

#26846: prop289: Leave unused random bytes in relay cell payload
--+
 Reporter:  dgoulet   |  Owner:  dgoulet
 Type:  enhancement   | Status:  assigned
 Priority:  Medium|  Milestone:  Tor:
  |  0.3.5.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  prop289, 035-roadmap-subtask  |  Actual Points:
Parent ID:  #26288| Points:
 Reviewer:|Sponsor:  SponsorV
--+

Comment (by arma):

 My {{{task26846-demo}}} branch has two commits that are an example of what
 we could do here.

 If we like this direction, they'll still need unit tests and a changes
 file (at least).

 We might also want to make a consensus parameter for the "how often to
 leave a byte empty" choice, but also maybe that's just overengineering
 things.

 And maybe flipping coins every time we consider packaging is expensive --
 we could probably get away with some cheaper randomness if we wanted. But
 I think we should only do that if we are pushed into it, since cheaper
 randomness is so easy to regret.

 I also thought about keeping a "how many cells have we packaged on this
 circuit" counter and then just doing some sort of mod operation to decide
 which ones to decrement. But I decided that doing it probabilistically is
 better, because right now we pad short payloads with 0 bytes (#26228), and
 somebody should check my logic but I think a rare but unpredictably short
 payload with a zero is enough to accomplish our goal here -- that is, we
 don't actually need a random byte, we just need to have it be
 unpredictable when the 0 will appear.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26846 [Core Tor/Tor]: prop289: Leave unused random bytes in relay cell payload

[Tor Bug Tracker & Wiki]

#26846: prop289: Leave unused random bytes in relay cell payload
--+
 Reporter:  dgoulet   |  Owner:  dgoulet
 Type:  enhancement   | Status:  assigned
 Priority:  Medium|  Milestone:  Tor:
  |  0.3.5.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  prop289, 035-roadmap-subtask  |  Actual Points:
Parent ID:  #26288| Points:
 Reviewer:|Sponsor:  SponsorV
--+

Comment (by arma):

 The first step here is confirming that indeed the rolling circuit cell
 digest covers all of the bytes in the cell, not just the "in use"
 (rh->length) ones. I think we're good there: see the two calls to
 crypto_digest_add_bytes() in relay_crypto.c that have CELL_PAYLOAD_SIZE as
 their size argument.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Re: [tor-bugs] #26846 [Core Tor/Tor]: prop289: Leave unused random bytes in relay cell payload

[Tor Bug Tracker & Wiki]

#26846: prop289: Leave unused random bytes in relay cell payload
--+
 Reporter:  dgoulet   |  Owner:  dgoulet
 Type:  enhancement   | Status:  assigned
 Priority:  Medium|  Milestone:  Tor:
  |  0.3.5.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal| Resolution:
 Keywords:  prop289, 035-roadmap-subtask  |  Actual Points:
Parent ID:  #26288| Points:
 Reviewer:|Sponsor:  SponsorV
--+
Changes (by dgoulet):

 * keywords:  prop289 => prop289, 035-roadmap-subtask


--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

[tor-bugs] #26846 [Core Tor/Tor]: prop289: Leave unused random bytes in relay cell payload

[Tor Bug Tracker & Wiki]

#26846: prop289: Leave unused random bytes in relay cell payload
--+
 Reporter:  dgoulet   |  Owner:  dgoulet
 Type:  enhancement   | Status:  assigned
 Priority:  Medium|  Milestone:  Tor: 0.3.5.x-final
Component:  Core Tor/Tor  |Version:
 Severity:  Normal|   Keywords:  prop289
Actual Points:|  Parent ID:  #26288
   Points:|   Reviewer:
  Sponsor:  SponsorV  |
--+
 This is section 3.3 of proposal 289 which is, in short, to add randomness
 to some relay cell payload.

--
Ticket URL: 
Tor Bug Tracker & Wiki 
The Tor Project: anonymity online
___
tor-bugs mailing list
tor-bugs@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs