I2P Address: [http://git.idk.i2p]

Skip to content
Snippets Groups Projects
Select Git revision
  • master default protected
  • i2p-2.8.0-8-rc
  • i2p-2.8.0-7-rc
  • i2p-2.8.0-6-rc
  • i2p-2.8.0-5
  • i2p-2.8.0-4
  • i2p-2.8.0-3
  • i2p-2.8.0-2
  • i2p-windows-2.8.0
  • i2p-2.8.0-1
  • i2p-2.8.1
  • i2p-2.8.0
  • i2p-2.7.0-9-rc
  • i2p-2.7.0-8-rc
  • i2p-2.7.0-7-rc
  • i2p-2.7.0-6-rc
  • i2p-2.7.0-5-rc
  • i2p-2.7.0-4
  • i2p-2.7.0-3
  • i2p-2.7.0-2
  • i2p-2.7.0-1
21 results
Search by author
  • Any Author
  • Kilian Holzinger nextloop
  • echelon echelon
  • idk idk idk
  • obscuratus i2p obscuratus
  • zzz zzz zzz
5 authors
  1. Jun 30, 2023
  3. Jun 29, 2023
  5. Jun 26, 2023
  7. Jun 23, 2023
  9. Jun 19, 2023
  11. Jun 14, 2023
  13. Jun 11, 2023
  15. Jun 04, 2023
  17. May 31, 2023
  19. May 25, 2023
  21. May 17, 2023
    • idk's avatar
      Router/Tunnel: xor message IDs in order to prevent cross-context leaks. · 687858e7
      idk authored 
      Adds unique message ID's per context to bloom filter for safer replay protection.

The transport and client tunnel managers use a message ID in order to prevent
messages from being replayed. Prior to this checkin, the message ID queue used
the same IDs in clients and transports. If a message was sent to a transport
and a client with the same message ID, the message ID in one would cause a replay
to be detected in the other.

The result would be that the message reply would come back empty, creating a
point of evidence that a client and a transport were hosted on the same router.

However, there is no way from the attackers POV to determine with certainty that
the message was dropped because the message was replayed, making it very easy to
demonstrate a potential information leak using a known router and a known client,
but more difficult, to use to deanonymize a known client on an unknown router
(i.e. by trying routers from the local NetDB).

So what we have here is a situation where an attacker observing router behavior
can say that a message was dropped, and that they have reason to believe it is
because it contained an ID which was replayed. This constitutes a potential
information leak and is resolved by this checkin.

patch created by @obscuratus, tested, reviewed and checked in by @obscuratus and @idk
      Unverified
      687858e7
  23. May 08, 2023
  25. Apr 23, 2023
  27. Apr 22, 2023
  29. Apr 20, 2023
  31. Apr 18, 2023

Base32 Address: [http://7qeve4v2chmjdqlwpa3vl7aojf3nodbku7vepnjwrsxljzqipz6a.b32.i2p] Onion Address: [http://47ggr2fa3vnwfyhvgskzdmr3i32eijwymxohtxsls45dulmriwxszjad.onion]