Re: [Tails-dev] tordate: why is it safe to set time from unv…

Author: Maxim Kammerer
Date:  
To: intrigeri
CC: The Tails public development discussion list
Subject: Re: [Tails-dev] tordate: why is it safe to set time from unverified-consensus?
Hi,

On Thu, Jan 19, 2012 at 23:09, intrigeri <intrigeri@???> wrote:
> Early October, we were pondering setting the Tails system time from
> unverified-consensus in case cached-consensus is not present; long
> story short, we refrained from doing so in a hurry at pre-release time;
> eventually, we did not take the time yet to investigate how safe it
> would be to do so, and why.


Yes, I remember reading that discussion [1], the bug filed by anonym
[2], and Tor's source code [3].

> On October 9th, a commit of yours (58cc2dd) in Liberté Linux Git
> repository made the very move we were unsure of. So I guess this
> approach seemed safe enough to your eyes. May we know why?


Well, as I see it, the difference between verified and unverified
consensus matters to Tor, but not to the distribution that already
decided to set the time from the consensus header. By setting the time
from "cached-consensus", you are risking a replay attack on Tor, fine
— but by setting the time from "unverified-consensus", you are
additionally risking — what exactly? Tor will handle bad signatures,
after all (which are the reason for consensus being unverified — e.g.,
expired certificates), so the additional risk is letting an adversary
set an incorrect time on the system? But time is only critical to Tor,
because of the risk of replay attacks, which we are already ignoring.

Maybe I am missing something, but for a distribution, both verified
and unverified consensus are of equal value — getting some (not
necessarily trusted) idea of what to set the clock to, if Tor says
that the clock is wrong. Both cached and unverified consensus could be
the result of an attack, but I don't see how setting the time from
unverified consensus allows for new attack vectors.

Best regards,
Maxim

[1] https://mailman.boum.org/pipermail/tails-dev/2011-October/000571.html
[2] https://trac.torproject.org/projects/tor/ticket/4187
[3] https://gitweb.torproject.org/tor.git/blob/HEAD:/src/or/networkstatus.c

--
Maxim Kammerer
Liberté Linux (discussion / support: http://dee.su/liberte-contribute)
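
Added example, not part of the original message and not code from Liberté Linux, Tails or Tor: a defensive reader for the consensus header discussed above, which treats the file as untrusted input whether it is the cached or the unverified consensus. The `valid-after`, `fresh-until` and `valid-until` keywords are those of the Tor directory format; the function names, the one-day lifetime bound and the choice of the interval midpoint are assumptions made for illustration.

```python
import re
from datetime import datetime, timedelta, timezone

# Constructed sample: the first lines of a v3 consensus document.
SAMPLE_HEADER = """network-status-version 3
vote-status consensus
consensus-method 12
valid-after 2012-01-19 22:00:00
fresh-until 2012-01-19 23:00:00
valid-until 2012-01-20 01:00:00
"""

FIELD = re.compile(r"^(valid-after|fresh-until|valid-until) "
                   r"(\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})$")
MAX_LIFETIME = timedelta(days=1)  # assumption: reject implausibly long intervals


def parse_validity(text, max_lines=20):
    """Return (valid-after, fresh-until, valid-until) as UTC datetimes.

    The input may be unverified, so only the first lines are read, matching
    is strict, and duplicate, missing or inconsistent fields raise ValueError.
    """
    times = {}
    for line in text.splitlines()[:max_lines]:
        m = FIELD.match(line)
        if not m:
            continue
        if m.group(1) in times:
            raise ValueError("duplicate field: " + m.group(1))
        stamp = datetime.strptime(m.group(2), "%Y-%m-%d %H:%M:%S")
        times[m.group(1)] = stamp.replace(tzinfo=timezone.utc)
    if len(times) != 3:
        raise ValueError("validity fields missing from header")
    start, fresh, end = (times[k] for k in
                         ("valid-after", "fresh-until", "valid-until"))
    if not (start < fresh <= end) or end - start > MAX_LIFETIME:
        raise ValueError("inconsistent validity interval")
    return start, fresh, end


def clock_suggestion(text, now):
    """Return None if `now` lies inside the interval, else a time to set."""
    start, _fresh, end = parse_validity(text)
    if start <= now <= end:
        return None
    return start + (end - start) / 2  # assumption: midpoint of the interval
```

The suggested time is only as trustworthy as the file it came from, which is the point made in the message: the parser limits malformed input, it does not authenticate it.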