Re: [tor-bugs] #5460 [Tor Client]: Write proposal(s) to evaluate circuit crypto authentication



#5460: Write proposal(s) to evaluate circuit crypto authentication
------------------------+---------------------------------------------------
 Reporter:  mikeperry   |          Owner:  nickm             
     Type:  defect      |         Status:  assigned          
 Priority:  major       |      Milestone:  Tor: 0.2.4.x-final
Component:  Tor Client  |        Version:                    
 Keywords:              |         Parent:  #5456             
   Points:              |   Actualpoints:                    
------------------------+---------------------------------------------------

Comment(by nickm):

 Replying to [comment:5 arma]:
 > Replying to [comment:1 rransom]:
 > > BEAR/LION/LIONESS are not "self-authenticating crypto".  They are
 large-block block ciphers which ensure that any change to a block's data
 on one side of an honest relay completely scrambles the block's data on
 the other side.  They would need to be accompanied by an end-to-end MAC.
 >
 > Even if accompanied by an end-to-end mac, isn't that insufficient? If I
 can mangle a cell, and detect mangling, and it still gets to the other
 end, that sounds like a tagging attack to me. It's not as fine-grained a
 tagging attack sure, but if the goal is "cause circuit failure at the 2nd
 hop, not the third" then it's not going to do it, right?

 "It Depends".  The biggest problem with the current tagging attack is that
 a successfully tagged circuit (one where the attacker observes the tag) is
 recoverable by the attacker.  Either a whole-cell encryption approach or a
 per-hop MAC approach would solve *that*.  (As for the "it's still a tag"
 argument... it's not clear that "the whole circuit gets destroyed away
 suddenly" is much worse as a tag than "the whole circuit turns to junk
 suddenly".)


 I wrote a draft draft draft today, and I'm showing it to some naive-
 about-tor/smart-about-crypto people to try to make sure it's readable.
 I'll give it another editing pass after that, assign it a proposal number,
 and call this ticket closed.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5460#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online