[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Newbie's questions

To: or-talk@xxxxxxxxxxxxx
Subject: Re: Newbie's questions
From: coderman <coderman@xxxxxxxxx>
Date: Tue, 27 Feb 2007 11:08:42 -0800
Delivered-to: archiver@seul.org
Delivered-to: or-talk-outgoing@seul.org
Delivered-to: or-talk@seul.org
Delivery-date: Tue, 27 Feb 2007 14:08:59 -0500
Dkim-signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=PzSeFMXps2wBWg3iJgtRyOKxha5zDQqhbyNYnsHldGdlfH4mZU5UyEMQQRGwyzTY5vgjDhHzGaG85IDeeC9ILqcyRw7NAegH3s8R15Mq+cLm0FrNNDPHdLh57W4gYUWHWdre44mbbAvMcch2IMWdq0611ir0LmF49bsUQZ3xttQ=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=j60Pk+oJRDjPki60HlRQ1cpGoj583zVxlFDbZC4z2BJ1vJGraCqZMBO8DkHze8XPGwg97iUEWMYLP8lbA2cvhxKksFqbbmFp8npwcAL18ku+QMPJTMOSMX1ufPGmlZYDwNO1wxH85tF+Fuxbzdyz+2fmCswFGhrhQ1A0s7LHaK0=
In-reply-to: <45E44FDB.9080009@csuohio.edu>
References: <857578.70805.qm@web23311.mail.ird.yahoo.com> <45E44FDB.9080009@csuohio.edu>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

On 2/27/07, Michael Holstein <michael.holstein@xxxxxxxxxxx> wrote:

...
> (2) Can the green line be cracked by intercepting the packets or headers?

An attack against AES that's more effective than bruteforce is not (yet)
known, so I'd say "probably not", although TOR developers are clear to
tell you it doesn't defend against a "global adversary" (eg:
$3_letter_agencies).


this is actually more complicated to answer; namely implementation
specific in the context of an active attacker.  consider an AES cache
timing attack which can recover AES secrets remotely over the network
with modest effort:
http://cr.yp.to/antiforgery/cachetiming-20050414.pdf

there are similar side channels (exploiting pipelining, L1/L2 cache
latency, and other CPU capabilities) against public key and symmetric
cipher implementations in software.

while not a dire threat this is something to consider in your threat
model and one reason i am a big fan of hardware cipher implementations
like VIA Padlock.

References:
- Newbie's questions
  - From: sy16
- Re: Newbie's questions
  - From: Michael Holstein

Prev by Author: Re: building pages with tor in mind
Next by Author: Re:
Previous by thread: Re: Newbie's questions
Next by thread: Norwegian DNS compromized
Index(es):
- Author
- Thread