Disable ed25519-donna's batch verification. (!414) · Merge requests · The Tor Project / Core / Tor · GitLab

Snippets Groups Projects

Closed George Kadianakis requested to merge asn/tor:bug40078 into main 3 years ago

Fixes bug 40078.

As reported by hdevalence our batch verification logic can cause an assert crash.

The assert happens because when the batch verification of ed25519-donna fails, the code in ed25519_checksig_batch() falls back to doing a single verification for each signature.

The crash occurs because batch verification failed, but then all signatures individually verified just fine.

That's because batch verification and single verification use a different equation which means that there are sigs that can pass single verification but fail batch verification.

Fixing this would require modding ed25519-donna which is not in scope for this ticket, and will be soon deprecated in favor of arti and ed25519-dalek, so my branch instead removes batch verification.

Activity

🤖 Triage Bot 🤖 requested review from @nickm 3 years ago

requested review from @nickm
George Kadianakis mentioned in issue #40078 (closed) 3 years ago

mentioned in issue #40078 (closed)
Nick Mathewson mentioned in issue #40446 (closed) 3 years ago

mentioned in issue #40446 (closed)
Alexander Hansen Færøy @ahf 3 years ago

Owner

Merged and backported right away to 0.3.5 and on.
Alexander Hansen Færøy closed 3 years ago

closed

Please register or sign in to reply