[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] A concrete proposal for crypto (at least part of it)

To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-dev] A concrete proposal for crypto (at least part of it)
From: Robert Ransom <rransom.8774@xxxxxxxxx>
Date: Wed, 2 Nov 2011 16:45:53 +0000
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 02 Nov 2011 12:46:07 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=YRnvu1ckkPR458ke5KdmKS3Lnun8JKUdSyAkY2GvhAU=; b=LtVmpffd5fAegr9bdYOyjoONrtqeqZqhTkxfK37rFj0DvC0LuOIrVRvDamH7LAe45k FDz/NQ4OJuwBHZ3NqLw4XY7tU+ey+MJN84dYISAQV8N3PIrzqwiCyEfPxNgSWJnRDrgB Gl2MhlEwBwOTNQFnxBYCTyHqnpMHeY61ScEl4=
In-reply-to: <CACsn0cmb3TAOkkctxf5uh=P1JOuY7N777fqA-QrKt85GUHANWA@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-dev>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for discussion by the developers of Tor." <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
References: <CACsn0cmb3TAOkkctxf5uh=P1JOuY7N777fqA-QrKt85GUHANWA@xxxxxxxxxxxxxx>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx

On 2011-11-02, Watson Ladd <watsonbladd@xxxxxxxxx> wrote:
> Dear All,
> Rather then get further sucked into a debate that is producing more
> heat then light about Wegman-Carter, I've decided to make a concrete
> proposal for how Tor can better protect its streams from manipulation.

Your proposal is so detailed and concrete that I'm not even going to
try to figure out what it means.

I propose Salsa20/8 and CubeHash-256 as our general-purpose stream
cipher and message digest for the first new crypto designs
(seriously), and I propose that we implement multiple new crypto
designs as soon as possible (seriously) so that we know we will get
future migrations right.

But if this bikeshedding about the low-level details of cryptographic
primitives keeps up, I'm going to design my own stream cipher and
message digest.

> Right now Tor encrypts the streams of data from a client to a OR with
> AES-CTR and no integrity checks.

Bullshit.  We have a 32-bit-per-cell integrity check at the ends of a circuit.

Robert Ransom
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Follow-Ups:
- Re: [tor-dev] A concrete proposal for crypto (at least part of it)
  - From: Nick Mathewson
- Re: [tor-dev] A concrete proposal for crypto (at least part of it)
  - From: Watson Ladd

References:
- [tor-dev] A concrete proposal for crypto (at least part of it)
  - From: Watson Ladd

Prev by Author: Re: [tor-dev] About JTor project
Next by Author: Re: [tor-dev] Draft sketch document with ideas for future crypto ops
Previous by thread: [tor-dev] A concrete proposal for crypto (at least part of it)
Next by thread: Re: [tor-dev] A concrete proposal for crypto (at least part of it)
Index(es):
- Author
- Thread