[tahoe-dev] [tahoe-lafs] #722: don't give Helper access to plaintext hashes
tahoe-lafs
trac at allmydata.org
Sun May 31 12:29:45 PDT 2009
#722: don't give Helper access to plaintext hashes
---------------------------+------------------------------------------------
Reporter: warner | Owner:
Type: defect | Status: new
Priority: major | Milestone: 1.5.0
Component: code-encoding | Version: 1.4.1
Keywords: | Launchpad_bug:
---------------------------+------------------------------------------------
While examining the helper protocol today, I realized that we're still
allowing the helper to ask for the plaintext hashes, even though these
were generally removed from the upload process back in [2331] and [3286]
in association with the #365 partial-information-guessing attack. (we only
removed the code which uploads the plaintext hashes, but left the code
which generates them, and the Helper has access to remote methods which
can be used to retrieve them).
This means that the helper can perform a partial-information-guessing
attack against the client. There are other things the helper can do that
we'd prefer it couldn't (specifically uploading the wrong ciphertext), but
those are an integrity attack. This is a confidentiality attack.
The fix will be to remove {{{remote_get_plaintext_hashtree_leaves}}} and
{{{remote_get_plaintext_hash}}} from
{{{upload.RemoteEncryptedUploadable}}}. I don't think there will be any
ill-effects, except for a new client which tries to use a very old
(pre-1.0) helper, which will fail.
At some point, #453 will prompt us to add new methods to fulfill the same
goal safely, probably named something like
{{{remote_get_encrypted_plaintext_hash}}}.
--
Ticket URL: <http://allmydata.org/trac/tahoe/ticket/722>
tahoe-lafs <http://allmydata.org>
secure decentralized file storage grid
More information about the tahoe-dev
mailing list