id,summary,reporter,owner,description,type,status,priority,milestone,component,version,resolution,keywords,cc,launchpad_bug 722,don't give Helper access to plaintext hashes,warner,,"While examining the helper protocol today, I realized that we're still allowing the helper to ask for the plaintext hashes, even though these were generally removed from the upload process back in [changeset:7996131a0aa0b55c] and [changeset:db566db31a66e076] in association with the #365 partial-information-guessing attack. (we only removed the code which uploads the plaintext hashes, but left the code which generates them, and the Helper has access to remote methods which can be used to retrieve them). This means that the helper can perform a partial-information-guessing attack against the client. There are other things the helper can do that we'd prefer it couldn't (specifically uploading the wrong ciphertext), but those are an integrity attack. This is a confidentiality attack. The fix will be to remove {{{remote_get_plaintext_hashtree_leaves}}} and {{{remote_get_plaintext_hash}}} from {{{upload.RemoteEncryptedUploadable}}}. I don't think there will be any ill-effects, except for a new client which tries to use a very old (pre-1.0) helper, which will fail. At some point, #453 will prompt us to add new methods to fulfill the same goal safely, probably named something like {{{remote_get_encrypted_plaintext_hash}}}. ",defect,closed,major,1.5.0,code-encoding,1.4.1,fixed,confidentiality,,