[Pkg-privacy-maintainers] Fwd: [anti-censorship-team] obfs4proxy-0.0.12 (2021-12-31) fixes the Elligator2 bug
meskio at sindominio.net
Fri Jan 14 11:14:07 GMT 2022
There has being a security issue discovered in obfs4proxy, see details on the
forwarded email. What will be the process to update the package? Can we update
it in stable as a security update? Can I help somehow with the process?
Forwarded message from David Fifield (2022-01-14 03:27:09):
> The upstream obfs4 repository has a fix to the Elligator2 public key
> representative leak (https://github.com/agl/ed25519/issues/27).
> All releases prior to this commit are trivially distinguishable
> with simple math, so upgrading is strongly recommended. The
> upgrade is fully backward-compatible with existing
> implementations, however the non-upgraded side will emit traffic
> that is trivially distinguishable from random.
> The file internal/README.md elaborates:
> All existing versions prior to the migration to the new code
> (anything that uses agl's code) are fatally broken, and trivial
> to distinguish via some simple math. For more details see Loup
> Vaillant's writings on the subject. Any bugs in the
> implementation are mine, and not his.
> Representatives created by this implementation will correctly be
> decoded by existing implementations. Public keys created by this
> implementation be it via the modified scalar basepoint multiply
> or via decoding a representative will be somewhat non-standard,
> but will interoperate with a standard X25519 scalar-multiply.
> As the obfs4 handshake does not include the decoded
> representative in any of it's authenticated handshake digest
> calculations, this change is fully-backward compatible (though
> the non-upgraded side of the connection will still be trivially
> distinguishable from random).
> anti-censorship-team mailing list
> anti-censorship-team at lists.torproject.org
meskio | https://meskio.net/
My contact info: https://meskio.net/crypto.txt
Nos vamos a Croatan.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
More information about the Pkg-privacy-maintainers