blueprint-freespeech / gosling

Rust crate providing anonymous, secure, and private peer-to-peer functionality using Tor onion services
https://gosling.technology

CLN-003 - Rsa crate dependency timing side channel #127

Open morganava opened 2 weeks ago

morganava commented 2 weeks ago

Description:

The rsa crate is subject to a timing side channel attack.

Technical description:

The rsa crate is susceptible to a Marvin attack (https://www.redhat.com/en/blog/marvin-attack) tracked here https://rustsec.org/advisories/RUSTSEC-2023-0071.html, which takes advantage of non-constant time operations in RSAES-PKCS1-v1_5. The Gosling crates do not directly use the vulnerable methods.

Impact:

The jitter of the Tor network makes such a vulnerability even harder to exploit, but if it were to be exploited then confidentiality could be compromised.

Recommendation:

morganava commented 2 weeks ago

Furthermore, this upstream crate is only enabled when the ArtiClientTorClient TorProvider is enabled (which brings in the arti-client crate and all its dependencies).

We will automatically get a fix for this when the Tor Project updates their arti-client's dependencies after the rsa crate pushes a fix for their bug.
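
One way to check the claim in the comment above, that `rsa` is only reached through `arti-client`, is to walk the dependency graph recorded in `Cargo.lock`. This is an added example, not code from the Gosling project or from the commenter; the lock excerpt and its dependency edges are constructed, and `parse_lock`, `paths_to` and `only_via` are hypothetical helper names.

```python
import re
# Constructed, simplified Cargo.lock excerpt (versions and checksums omitted);
# the dependency edges are assumptions, not Gosling's real lock file.
SAMPLE_LOCK = """
[[package]]
name = "gosling"
dependencies = [
 "tor-interface",
]
[[package]]
name = "tor-interface"
dependencies = [
 "arti-client",
 "sha3",
]
[[package]]
name = "arti-client"
dependencies = [
 "rsa",
]
[[package]]
name = "rsa"
[[package]]
name = "sha3"
"""

def parse_lock(text):
    """Map each package name to the names of its direct dependencies."""
    deps = {}
    for block in text.split("[[package]]")[1:]:
        name = re.search(r'^name = "([^"]+)"', block, re.M).group(1)
        listed = re.search(r"^dependencies = \[(.*?)\]", block, re.M | re.S)
        items = re.findall(r'"([^"]+)"', listed.group(1)) if listed else []
        # Entries may read "name version (source)"; keep only the name.
        deps.setdefault(name, set()).update(i.split()[0] for i in items)
    return deps

def paths_to(deps, root, target, trail=()):
    """Return every dependency chain from root down to target."""
    trail += (root,)
    if root == target:
        return [trail]
    return [p for dep in sorted(deps.get(root, ())) if dep not in trail
            for p in paths_to(deps, dep, target, trail)]

def only_via(deps, root, target, gate):
    """True if target is reachable and every chain to it passes through gate."""
    paths = paths_to(deps, root, target)
    return bool(paths) and all(gate in p for p in paths)
```

On a real checkout, `cargo tree -i rsa` prints the same reverse-dependency view.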

morganava commented 2 weeks ago

This issue is being tracked ultimately upstream here: