Date: Thu, 11 Sep 2014 00:15:16 +0000
From: bancfc@openmailbox.org
To: tor-talk@lists.torproject.org
Subject: [tor-talk] Secure way to set time using Hidden Service descriptors

Hi. As you may already know, NTP doesn't work over Tor and even if it 
did its untrusted and unauthenticated design leaves systems open to 
clock skew attacks that could unmask hidden services. What are your 
thoughts on having an anonymity distro, that Torifies all traffic, 
depend on Hidden Service descriptors for secure timesyncing purposes?

N.B. I have suggested that Tor itself incorporate a mechanism to 
broadcast time from relays to clients, but until this is realized I'm 
thinking that the proposed alternative is a good drop-in.


The only weakness identified is that if a Hidden service forges its 
descriptor timestamp deliberately, it could perform a time replay attack 
within an 18 hour window. How serious is this?


Proposal:

My proposal is to have the time synchronizer daemon query the DHT for 
specific Hidden Service descriptors from the HSDir Authorities without 
actually connecting to them and calculate a more fine-grained time to 
set. Here is why I think it's a good idea:

* Descriptors contain a timestamp field which shows the time they are 
generated. The time reported is the number of microseconds since 1970.
* Descriptors are signed by the HS and cannot be spoofed by the 
HSDirAuth.
* Descriptors are refreshed hourly.
* A "malicious" HS that wants to fool our time check has to go out of its 
way and forge the timestamp in its descriptor. If they are doing this by 
just running with a wrong clock, they will make themselves inaccessible.
* According to rend-spec, the damage is much limited (only an 18-hour 
window) before HSDir Authorities reject these forgeries.
* There does exist stable, available and friendly HS besides the TPO one 
that was taken down. The only addresses that will be used are those of 
trusted organizations that will not carry out the forging attacks 
described above. These will be Whistleblowing and Freedom friendly 
sites. Some suggestions: Wikileaks, RiseUp (each service they provide 
has a unique HS address assigned), The New Yorker's SecureDrop service and 
probably more.
* The way to go about this is to fetch descriptors without connecting. 
(How? Please describe if it can be done. It's probably best so we don't 
overload these organizations' hidden servers.)
* The timestamps will be averaged to get a more accurate reading.

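
Added example, not part of the original message: how far one forged descriptor timestamp inside the 18-hour window moves the plain average the proposal describes, next to a median-anchored average that sets the outlier aside. The median filter, the function names, the `hs-*` labels and all timestamps (treated here as epoch seconds) are constructed assumptions; it also assumes all descriptors are fetched at about the same moment.

```python
from statistics import mean, median

HOUR = 3600
REFRESH = HOUR              # from the post: descriptors are refreshed hourly
FORGERY_WINDOW = 18 * HOUR  # from the post: forgeries are limited to 18 hours

def naive_estimate(stamps):
    """Plain average of all timestamps, as the proposal's last bullet describes."""
    return mean(stamps.values())

def worst_case_shift(n_sources, n_forged=1):
    """Upper bound (seconds) on how far forged sources can move a plain average."""
    return FORGERY_WINDOW * n_forged / n_sources

def robust_estimate(stamps, min_agree=3):
    """Median-anchored average (an added technique, not part of the post).

    Honest descriptors fetched together and refreshed hourly differ from each
    other by at most REFRESH, so readings further than that from the median
    are set aside. Returns (estimate, rejected_labels); raises ValueError when
    no majority of sources agree. The result can still lag true time by up to
    REFRESH, because every honest timestamp is up to an hour old.
    """
    mid = median(stamps.values())
    kept = {k: v for k, v in stamps.items() if abs(v - mid) <= REFRESH}
    rejected = sorted(set(stamps) - set(kept))
    if len(kept) < min_agree or 2 * len(kept) <= len(stamps):
        raise ValueError("no majority of sources agree within one refresh period")
    return mean(kept.values()), rejected

# Constructed sample: four honest descriptors of different ages (all under an
# hour) and one whose timestamp sits at the far edge of the 18-hour window.
NOW = 1_410_000_000
SAMPLE = {
    "hs-a": NOW - 600,
    "hs-b": NOW - 1500,
    "hs-c": NOW - 2700,
    "hs-d": NOW - 3300,
    "hs-forged": NOW - FORGERY_WINDOW,
}

if __name__ == "__main__":
    est, rejected = robust_estimate(SAMPLE)
    print("plain average lags by", NOW - naive_estimate(SAMPLE), "s")
    print("median-anchored average lags by", NOW - est, "s; rejected", rejected)
    print("bound on shift from one forger among 5:", worst_case_shift(5), "s")
```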

