Skip to content
Snippets Groups Projects

rend-spec: add a note about replay detection

Merged rend-spec: add a note about replay detection
nickm/torspec:clarify-no-replays into main
1 unresolved thread
Merged Nick Mathewson requested to merge nickm/torspec:clarify-no-replays into main
1 unresolved thread

Explain why we're doing it, and the extent to which we do (or do not) need to be perfect.

Closes #246 (closed).

Based on discussion at arti#725 (comment 2959820)

Merge request reports

Loading
Loading

Activity

Filter activity
  • Approvals
  • Assignees & reviewers
  • Comments (from bots)
  • Comments (from users)
  • Commits & branches
  • Edits
  • Labels
  • Lock status
  • Mentions
  • Merge request status
  • Tracking
spec/rend-spec/introduction-protocol.md
473 so long as the opportunity for replay attacks remains limited.
474 For example, it is not necessary to fsync() data to disk
475 after each request.
476
477 > Rationale:
478 >
479 > The main reason we prevent INTRODUCE replays
480 > is to detect attempts by introduction points to mount replay attacks.
481 > Such attacks would cause the onion service to make a second circuit
482 > to the client's chosen rendezvous point.
483 > If the attacker controls both the introduction point
484 > and the rendezvous point,
485 > they can use this to learn which original user circuit
486 > corresponded to the replayed request.
487 > This likely helps with traffic analysis somewhat,
488 > but is unlikely to
  • Nick Mathewson
    Nick Mathewson @nickm ·
    Author Owner

    @dgoulet @Diziet would one of you like to review this, since we were the ones discussion on arti#725 (closed)?

  • David Goulet
  • David Goulet left review comments

    left review comments

  • Nick Mathewson added 1 commit

    added 1 commit

    • 3d07bf66 - fixup! rend-spec: add a note about replay detection

    Compare with previous version

  • Nick Mathewson marked this merge request as draft from nickm/torspec@3d07bf66

    marked this merge request as draft from nickm/torspec@3d07bf66

  • Nick Mathewson
    Nick Mathewson @nickm ·
    Author Owner

    Sorry for the unfinished sentences! Possibly better now?

  • Alexander Hansen Færøy
    Alexander Hansen Færøy @ahf ·
    Owner

    Makes more sense now, for sure :thumbsup:

  • Alexander Hansen Færøy
    Alexander Hansen Færøy @ahf ·
    Owner

    @dgoulet Any comments to Nick's changes? Otherwise, I think we should merge this.

  • Alexander Hansen Færøy approved this merge request

    approved this merge request

  • Nick Mathewson added 35 commits

    added 35 commits

    Compare with previous version

  • Nick Mathewson marked this merge request as ready

    marked this merge request as ready

  • Nick Mathewson
    Nick Mathewson @nickm ·
    Author Owner

    squashed, marking to merge.

  • Nick Mathewson enabled an automatic merge when all merge checks for d1daab72 pass

    enabled an automatic merge when all merge checks for d1daab72 pass

  • Nick Mathewson merged

    merged

  • Nick Mathewson mentioned in commit 3d46c77e

    mentioned in commit 3d46c77e

    • Please register or sign in to reply