From 0b55961754698f7e0980ae3dfcd98c9a9d52f1ee Mon Sep 17 00:00:00 2001
From: daira <>
Date: Thu, 17 Oct 2013 14:40:34 +0000
Subject: [PATCH] PyCrypto 2.4.1 is vulnerable to timing attacks

[Imported from Trac: page SftpFrontend, version 87]
---
 SftpFrontend.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/SftpFrontend.md b/SftpFrontend.md
index 9dd38ec..95a7003 100644
--- a/SftpFrontend.md
+++ b/SftpFrontend.md
@@ -5,7 +5,7 @@ See [docs/frontends/FTP-and-SFTP.rst (.txt in releases before v1.8.1)](http://ta
 
 # Security
 
-The security of the connection between the SFTP client and gateway is dependent on the PyCrypto library, which has not been reviewed to the same extent as the pycryptopp library that we use elsewhere in Tahoe-LAFS. In particular, the AES implementation in PyCrypto might be vulnerable to timing attacks and the RSA implementation in PyCrypto up to and including PyCrypto v2.3 is vulnerable to timing attacks. Either of these could potentially, depending on the situation, allow a remote attacker to break the encryption protecting the SFTP connection between your SFTP client and the Tahoe-LAFS gateway process that is acting as SFTP server. Therefore we do not recommend that you rely on the confidentiality or authentication provided by this SSH connection in the current release.
+The security of the connection between the SFTP client and gateway is dependent on the PyCrypto library, which has not been reviewed to the same extent as the pycryptopp library that we use elsewhere in Tahoe-LAFS. In particular, the AES implementation in PyCrypto might be vulnerable to timing attacks and the RSA implementation in PyCrypto up to and including PyCrypto v2.4.1 is vulnerable to timing attacks. Either of these could potentially, depending on the situation, allow a remote attacker to break the encryption protecting the SFTP connection between your SFTP client and the Tahoe-LAFS gateway process that is acting as SFTP server. Therefore we do not recommend that you rely on the confidentiality or authentication provided by this SSH connection in the current release.
 
 In practice, that means you can run the Tahoe-LAFS gateway locally on the same machine as your SFTP client (which is a good, efficient, and secure solution), or tunnel your SFTP connection over another secure connection such as ssh tunnel or VPN, or else just accept the risk that someone could snoop on the data that you are sending and receiving over the SFTP connection.