[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] A concrete proposal for crypto (at least part of it)

To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-dev] A concrete proposal for crypto (at least part of it)
From: Nick Mathewson <nickm@xxxxxxxxxxxx>
Date: Wed, 2 Nov 2011 13:30:13 -0400
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 02 Nov 2011 13:30:29 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:content-type :content-transfer-encoding; bh=gQosPWxePu8tgAIqwV+kYOuOgK9GJbREuAGykQZEdG4=; b=Xh/LnFfGjp4iW/hw0h/teKIn/xletLoGpQE/1Osv5vtSnHCaEukPvY9c4a1LwTZxzz 6nyUj/Y/rmG5PMe0tx3jpTaotwC6Hz9bVCo2j1ohS1Is8X2g5qfmJPgKce/7X4v6xfUZ 6v+UaWF5v//88q4of0VJobdQLv9GGvoHkCZIE=
In-reply-to: <CABqy+sptpD1myNQZYmTyMzbGwyFWgGUfyukN=KaDab4=3YrL6A@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-dev>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for discussion by the developers of Tor." <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
References: <CACsn0cmb3TAOkkctxf5uh=P1JOuY7N777fqA-QrKt85GUHANWA@xxxxxxxxxxxxxx> <CABqy+sptpD1myNQZYmTyMzbGwyFWgGUfyukN=KaDab4=3YrL6A@xxxxxxxxxxxxxx>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx

On Wed, Nov 2, 2011 at 12:45 PM, Robert Ransom <rransom.8774@xxxxxxxxx> wrote:
> On 2011-11-02, Watson Ladd <watsonbladd@xxxxxxxxx> wrote:
>> Dear All,
>> Rather then get further sucked into a debate that is producing more
>> heat then light about Wegman-Carter, I've decided to make a concrete
>> proposal for how Tor can better protect its streams from manipulation.
>
> Your proposal is so detailed and concrete that I'm not even going to
> try to figure out what it means.

I'm going to suggest that we ought to isolate protocol discussions
from primitives discussions here.  The discussion of how to put
together a good relay packet format using a stream cipher and a MAC
(or a stream cipher with an authenticating mode of operation) ought to
be separable from the discussion of which stream
cipher/MAC/authenticating mode we use.

(If it isn't separable -- if the format relies on particular
properties of a given primitive -- that strikes me as a point against
the format.)

[...]
>> Right now Tor encrypts the streams of data from a client to a OR with
>> AES-CTR and no integrity checks.
>
> Bullshit.  We have a 32-bit-per-cell integrity check at the ends of a circuit.

Let's keep this polite, please.  "Not so" is a perfectly fine
alternative to "bullshit," and is likelier to keep future
conversations productive.

cheers,
-- 
Nick
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

References:
- [tor-dev] A concrete proposal for crypto (at least part of it)
  - From: Watson Ladd
- Re: [tor-dev] A concrete proposal for crypto (at least part of it)
  - From: Robert Ransom

Prev by Author: Re: [tor-dev] Tor on TV (hemm, on WDTV!)
Next by Author: Re: [tor-dev] A concrete proposal for crypto (at least part of it)
Previous by thread: Re: [tor-dev] A concrete proposal for crypto (at least part of it)
Next by thread: Re: [tor-dev] A concrete proposal for crypto (at least part of it)
Index(es):
- Author
- Thread