
Re: [tor-dev] A concrete proposal for crypto (at least part of it)



On 2011-11-02, Watson Ladd <watsonbladd@xxxxxxxxx> wrote:
> Dear All,
> Rather than get further sucked into a debate that is producing more
> heat than light about Wegman-Carter, I've decided to make a concrete
> proposal for how Tor can better protect its streams from manipulation.

Your proposal is so detailed and concrete that I'm not even going to
try to figure out what it means.

I propose Salsa20/8 and CubeHash-256 as our general-purpose stream
cipher and message digest for the first new crypto designs
(seriously), and I propose that we implement multiple new crypto
designs as soon as possible (seriously) so that we know we will get
future migrations right.

But if this bikeshedding about the low-level details of cryptographic
primitives keeps up, I'm going to design my own stream cipher and
message digest.


> Right now Tor encrypts the streams of data from a client to an OR with
> AES-CTR and no integrity checks.

Bullshit.  We have a 32-bit-per-cell integrity check at the ends of a circuit.


Robert Ransom