[tahoe-dev] CRISP Advisory 2008-01

Christian Grothoff christian at grothoff.org
Sun Jul 20 23:39:07 PDT 2008

Hi all,

Zooko asked me to post this here (and he confirmed that this is real).  Oh, 
and I'm not saying that this is a big deal, just that I think you may want to 
consider fixing it...

Severity: low
Reporter: Christian Grothoff
Known vulnerable: Tahoe v1.1 and earlier
Known fixed: none

 It is possible for a user to create a URI on Tahoe
 that corresponds to two different files (but URIs
 are supposed to be unique). As a result,
 an adversary might be able to publish a benign file
 and malware under the same URI, make initially the
 benign file available to users causing the URI to be
 shared and then switch the benign file for malware
 (without changing the URI).

 Users should not trust the uniqueness of URIs
 of content that they did not publish themselves.
 Doing so can cause data integrity issues.

 Tahoe uses 3-out-of-10 ECC in its file encoding.
 The most simplistic form of the attack simply
 uses (for the URI) 5 shares of the benign file
 and 5 shares of the malicious file to construct
 the URI. The check that the content matches a
 hash code that is part of the URI is easily
 bypassed since doing this check happens at the
 discression of the publisher.

 None at this point.

I've also put this online at: http://crisp.cs.du.edu/?q=node/88

Happy hacking...


More information about the tahoe-dev mailing list