Tiger dependencies in ADC

ADC 0.13 would have issues were Tiger, the hash primitive it uses, to be intentionally collided. Such an event, in general, regularly occurs, as attested to by the Hash Function Lounge listing effective attacks on many commonly-used cryptographic hashing functions. A reduced-round form of Tiger has been successfully attacked, so its future security is a plausible concern. With that in mind, this blog post simply lists areas the current ADC specification which contain a dependency on Tiger and associated constants.

  • Safe; in namespaces amenable to new creation, dual support, & gradual obsolescence
    • 3.1. File names and structure”TTH/<root-base32>”, for example, </nowiki>locates a file in the share by TTH root rather than filename.3.3. File list”TTH” is the base32-encoded TTH root of the file.
    • 4.3.4. INFID base32 The CID of the client. Mandatory for C-C connections.
      PD base32 The PID of the client. Hubs must check that the Tiger(PID) == CID and then discard the field before broadcasting it to other clients. Must not be sent in C-C connections.
    • 4.3.6. SCHTR Tiger tree hash root, encoded with base32.
    • 4.3.7. RESClients must provide filename, TTH root, size and token
      TR Tiger tree hash root, encoded with base32.
      TD Tiger tree depth, index of the highest level of tree data available, root-only = 0, first level (2 leaves) = 1, second level = 2, etc…
    • 4.3.13. GETGET type identifier start_pos bytes
      BASE requires that clients recognize the types “file”, “tthl” and “list”

      “file” transfers transfer the file data in binary, starting at <start_pos> and sending <bytes> bytes.

      Identifier must be a TTH root value from the “TTH/” root. (twice)

  • Nonideal (not trivially updateable, but not per se security-related.
    These generally are just aesthetic issues, where certain algorithms and constant values have been chosen for consistency with the hashes in use. Change the hash and they become ugly.

    • 2.1. GeneralSIDs, PIDs, CIDs and short binary data are sent as base32-encoded strings. Long binary data transfers should use the file transfer mechanism with named roots.
    • 2.4.1 Session IDThe hub may choose any SID for a connecting client apart from “0” (“AAAA” in base32). “0” represents the hub itself. SIDs are 20 bits and encoded using a 4-byte base32 encoded string.
    • 2.4.2. Private IDPIDs are 192 bits and encoded using a 39 byte base32 encoded string.
  • Other
    Entries here are less easily adaptable via extension or other namespace mechanisms and are important to ADC security. These are the primary issues.

    • 2.2. Message syntaxencoded_cid ::= base32_character{39}
    • 2.4.3. Client IDClient IDs globally and publicly identify a unique client and underlie client to client communication. They are generated by hashing the 192 bit, unencoded PID with the Tiger hash algorithm. Hubs should register clients by CID. CIDs are 192 bits and encoded using a 39 byte base32 encoded string.
    • 3.2. HashesADC clients must share only files hashed using Merkle Hash trees, as defined by http://www.open-content.net/specs/draft-jchapweske-thex-02.html. The Tiger algorithm, as specified by http://www.cs.technion.ac.il/~biham/Reports/Tiger/ functions as the hash algorithm. A base segment size of 1024 bytes must be used when generating the tree, but clients may then discard parts of the tree as long as at least 7 levels are kept or a block granularity of 64 KiB is achieved. … The root must be encoded using base32 encoding when converted to text.
    • 4.3.10. GPAGet Password. The data parameter is at least 24 random bytes (base32 encoded), used to avoid replay attacks on the password.
    • 4.3.11. PASPassword. The password (utf-8 encoded bytes), followed by the random data (binary), passed through the Tiger hash algorithm (not TTH) then converted to base32. When validated, this transitions the server into NORMAL state.

    Before being finalized, especially the last category should be explicitly handled.

    Don’t forget that you can make topic suggestions for blog posts in our “Blog Topic Suggestion Box!”

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: