Impact:
The jitter of the Tor network makes such a vulnerability even harder to exploit, but if it were to be exploited then confidentiality could be compromised.
Recommendation:
There is currently no patch available. Keep abreast of new developments and update the dependency once a fix is available.
Furthermore, this upstream crate is only enabled when the ArtiClientTorClient TorProvider is enabled (which brings in the arti-client crate and all its dependencies).
We will automatically get a fix for this when the Tor Project updates their arti-client's dependencies after the rsa crate pushes a fix for their bug.
Description:
The rsa crate is subject to a timing side channel attack.
Technical description:
The rsa crate is susceptible to a Marvin attack (https://www.redhat.com/en/blog/marvin-attack), tracked at https://rustsec.org/advisories/RUSTSEC-2023-0071.html, which takes advantage of non-constant-time operations in RSAES-PKCS1-v1_5. The Gosling crates do not directly use the vulnerable methods.
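To confirm which packages in a build pull in the rsa crate named in RUSTSEC-2023-0071, the dependency graph in `Cargo.lock` can be walked backwards from `rsa`. The following std-only Rust program is an added example, not code from the Gosling or Arti projects; the lockfile excerpt, the `my-app` package and the dependency edges in it are constructed for illustration.

```rust
use std::collections::{BTreeMap, BTreeSet};
// Constructed Cargo.lock excerpt, trimmed to the fields read here; the edges are made up.
const SAMPLE_LOCK: &str = r#"
[[package]]
name = "arti-client"
dependencies = [
 "rsa 0.0.0",
]
[[package]]
name = "my-app"
dependencies = [
 "arti-client",
]
"#;

/// Map each package name to its direct dependencies (locked versions of one name merge).
fn parse_lock(lock: &str) -> BTreeMap<String, Vec<String>> {
    let mut graph: BTreeMap<String, Vec<String>> = BTreeMap::new();
    let (mut current, mut in_deps) = (String::new(), false);
    for line in lock.lines().map(str::trim) {
        if let Some(name) = line.strip_prefix("name = ") {
            current = name.trim_matches('"').to_string();
        } else if line == "dependencies = [" || line == "]" {
            in_deps = line != "]";
        } else if in_deps {
            // An entry is "name", or "name version ..." when the bare name is ambiguous.
            let dep = line.trim_start_matches('"').split(|c: char| c == ' ' || c == '"').next();
            graph.entry(current.clone()).or_default().push(dep.unwrap_or("").to_string());
        }
    }
    graph
}

/// Every package that reaches `target` through one or more dependency edges.
fn dependents_of(graph: &BTreeMap<String, Vec<String>>, target: &str) -> BTreeSet<String> {
    let (mut found, mut stack) = (BTreeSet::new(), vec![target.to_string()]);
    while let Some(node) = stack.pop() {
        for (pkg, deps) in graph {
            if deps.contains(&node) && found.insert(pkg.clone()) {
                stack.push(pkg.clone());
            }
        }
    }
    found
}

fn main() {
    println!("pulls in rsa: {:?}", dependents_of(&parse_lock(SAMPLE_LOCK), "rsa"));
}
```

An empty result for a project's real lockfile means the rsa crate is not part of that build at all.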