author: Nick Mathewson <nickm@torproject.org> 2017-01-02 14:55:39 -0500
committer: Nick Mathewson <nickm@torproject.org> 2017-01-18 08:55:57 -0500
commit: 609065f165a8e145f404e55e01e8f5ac5c013bc3 (patch)
tree: ed8b9f428dff2ba3491e85c52caee3ec80eb2ba1 /changes
parent: c27ae62adefb9fcdf468eef43e8a33ae3657a6bf (diff)
download: tor-609065f165a8e145f404e55e01e8f5ac5c013bc3.tar.gz
tor-609065f165a8e145f404e55e01e8f5ac5c013bc3.zip
DefecTor countermeasure: change server- and client-side DNS TTL clipping
The server-side clipping now clamps to one of two values, both for what to report, and how long to cache. Additionally, we move some defines to dns.h, and give them better names.
Diffstat (limited to 'changes')
-rw-r--r-- changes/ticket19769 | 7
1 file changed, 7 insertions, 0 deletions
diff --git a/changes/ticket19769 b/changes/ticket19769
new file mode 100644
index 0000000000..9fc05c3e9e
--- /dev/null
+++ b/changes/ticket19769
@@ -0,0 +1,7 @@
+ o Major features (security):
+ - Change the algorithm used to decide DNS TTLs on client and server side,
+ to better resist DNS-based correlation attacks like the DefecTor attack
+ of Greschbach, Pulls, Roberts, Winter, and Feamster). Now
+ relays only return one of two possible DNS TTL values, and clients
+ are willing to believe DNS TTL values up to 3 hours long.
+ Closes ticket 19769.
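Review bot: the line "of Greschbach, Pulls, Roberts, Winter, and Feamster)." closes a parenthesis that is never opened; either drop the ")" or open one before "like the DefecTor attack" so the entry reads cleanly in the rendered ChangeLog. Also, the commit message says the server side now clamps to one of two values both for what it reports and for how long it caches, but the changes entry only says "one of two possible DNS TTL values" without naming them; stating the two TTLs (and the 3-hour client-side cap already mentioned) in this entry would let relay operators and client developers know what behaviour to expect without reading the code.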