[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Lurkers: First draft: call for comments (was Re: Paperdeadlines)

To: mixminion-dev@freehaven.net
Subject: Re: Lurkers: First draft: call for comments (was Re: Paperdeadlines)
From: Nick Mathewson <nickm@alum.mit.edu>
Date: 06 May 2002 23:57:01 -0400
Delivered-To: archiver@seul.org
Delivered-To: mixminion-dev-outgoing@seul.org
Delivered-To: mixminion-dev@seul.org
Delivery-Date: Mon, 06 May 2002 23:57:39 -0400
In-Reply-To: <Pine.LNX.4.30.QNWS.0205062044420.15412-100000@thetis.deor.org>
References: <Pine.LNX.4.30.QNWS.0205062044420.15412-100000@thetis.deor.org>
Reply-To: mixminion-dev@freehaven.net
Sender: owner-mixminion-dev@freehaven.net

On Mon, 2002-05-06 at 23:47, Len Sassaman wrote:
> On 6 May 2002, Nick Mathewson wrote:
> 
> > Re-read the part about what TLS gets us; it's not there to prevent third
> > parties from decrypting messages.  It's there for forward security
> > against eavesdroppers who later compromise or subpoena nodes, IIUC.
> 
> Ah, of course. Though that would require the attacker both impersonate the
> second remailer *and* be able to obtain the second remailer's true key at
> some point in the future.

Not so hard for a governmental adversary; just use a carnivore-ish
wiretap to mount your MITM attack, and then subpoena the receiving node
and demand that it decrypt the message.

If, on the other hand, you can't do the MITM attack, you have no idea
which message to demand the decryption of, unless you've already
compromised somebody in advance, or somebody's forgotten to erase their
workspace. :)

-- 
Nick

References:
- Re: Lurkers: First draft: call for comments (was Re: Paper deadlines)
  - From: Len Sassaman <rabbi@quickie.net>

Prev by Date: Re: problem in 3.2 "Replies"
Next by Date: paper comment
Prev by thread: Re: Lurkers: First draft: call for comments (was Re: Paper deadlines)
Next by thread: Re: Lurkers: First draft: call for comments (was Re: Paper deadlines)
Index(es):
- Date
- Thread