[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: OSI 1-3 attack on Tor? in it.wikipedia

To: or-talk@xxxxxxxxxxxxx
Subject: Re: OSI 1-3 attack on Tor? in it.wikipedia
From: Anon Mus <a_green_lantern@xxxxxxxxx>
Date: Fri, 15 Feb 2008 10:10:39 -0800 (PST)
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Fri, 15 Feb 2008 13:10:46 -0500
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=X-YMail-OSG:Received:Date:From:Subject:To:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID; b=ZreFpxqiuXGoiHtlCiFY35iFLaQ8isacJJOLYvVu0f9vXe9i7kOxUFVeEtY6qJfgbsM+f2tZ1qcjkPFDmB/8DtYdzUM+/IwjVcF065NRdqH3jCJKc4nQiBWvc1SMm7862i48/IkjSTTpO+9JV8CacLMKt4MEDM//Pq1l8tz4laQ=;
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

Jan Reister wrote:
> Il 14/02/2008 13:36, Anon Mus ha scritto:
>> A. Attacker obtains genuine private keys by,
>> 1. Attacker sets up  a number of genuine tor servers
>> 2. Attacker infects genuine tor nodes with  spyware
>
> Setting up rogue (or compromised) nodes won't work for getting the 
> directory authority private keys. That makes the rest of your 
> assumption empty. As Roger pointed out:
>
https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ#KeyManagement
>
> Jan
>
>
Hello Jan,

Again your statements are wrong.

In the scenario we are discussing the tor clients traffic is diverted 
into a faked tor network, on the whole.

The replying nodes, those which authenticate themselves with knowledge 
of the ACTUAL node's private key. Obtained by methods A 1-3.
So the simulated nodes just look like the real thing, when they are
not.

Your statement that the attacker needs to control a directory authority

is a red herring!
Control of a directory authority is NOT required in this scenario. That

was made plain from the start!
Why did you inject this red herring into your argument?

[ Note this is not for debate:

And directory authority I suspect that given the private keys for 
directory servers, the attacker could also simulate these.

Here's a quote from the wiki you link above.

"How do clients know what the directory servers are? The list comes
with 
the Tor distribution. It hard-codes their locations and their public 
keys. So the only way to trick the user into using a fake Tor network
is 
to give them a specially modified version of the software."

So to trick the user (tor client) into thinking it was using a genuine 
network all it would need is the private keys of the directory server 
(as the public ones are already published) again these could be
obtained 
by methods A 1-3. As these PRIVATE keys are available in an UNENCRYPTED

file on the directory servers themselves. The same is true on every tor

server in the entire tor network!]

-K-

      ____________________________________________________________________________________
Be a better friend, newshound, and 
know-it-all with Yahoo! Mobile.  Try it now.  http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ

Prev by Author: Re: OSI 1-3 attack on Tor? in it.wikipedia
Next by Author: Re: OSI 1-3 attack on Tor? in it.wikipedia
Previous by thread: Re: OSI 1-3 attack on Tor? in it.wikipedia
Next by thread: Re: OSI 1-3 attack on Tor? in it.wikipedia
Index(es):
- Author
- Thread