Fix length of replaycache-checked data.

This is a regression; we should have been checking only the public-key encrypted portion. Fixes bug 24244, TROVE-2017-009, and CVE-2017-8819.
author: Nick Mathewson <nickm@torproject.org> 2017-11-11 13:40:21 -0500
committer: Nick Mathewson <nickm@torproject.org> 2017-11-27 15:12:19 -0500
commit: 2834cc9c18230c36278ffa94a252abeb91b6cff9 (patch)
tree: a8c747864af0c52563c697e2c6ef402274182a74 /changes/trove-2017-009
parent: 6f8c32b7deb9f0cec6d1553aba71969c9fb6064f (diff)
download: tor-2834cc9c18230c36278ffa94a252abeb91b6cff9.tar.gz
tor-2834cc9c18230c36278ffa94a252abeb91b6cff9.zip
1 files changed, 10 insertions, 0 deletions
diff --git a/changes/trove-2017-009 b/changes/trove-2017-009
new file mode 100644
index 0000000000..512d18c299
--- /dev/null
+++ b/changes/trove-2017-009
@@ -0,0 +1,10 @@
+  o Major fixes (security):
+    - When checking for replays in the INTRODUCE1 cell data for a (legacy)
+      hiddden service, correctly detect replays in the RSA-encrypted part of
+      the cell. We were previously checking for replays on the entire cell,
+      but those can be circumvented due to the malleability of Tor's legacy
+      hybrid encryption. This fix helps prevent a traffic confirmation
+      attack. Fixes bug 24244; bugfix on 0.2.4.1-alpha. This issue is also
+      tracked as TROVE-2017-009 and CVE-2017-8819.
+
+
author	Nick Mathewson <nickm@torproject.org>	2017-11-11 13:40:21 -0500
committer	Nick Mathewson <nickm@torproject.org>	2017-11-27 15:12:19 -0500
commit	2834cc9c18230c36278ffa94a252abeb91b6cff9 (patch)
tree	a8c747864af0c52563c697e2c6ef402274182a74 /changes/trove-2017-009
parent	6f8c32b7deb9f0cec6d1553aba71969c9fb6064f (diff)
download	tor-2834cc9c18230c36278ffa94a252abeb91b6cff9.tar.gz tor-2834cc9c18230c36278ffa94a252abeb91b6cff9.zip