[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] A concrete proposal for crypto (at least part of it)

To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-dev] A concrete proposal for crypto (at least part of it)
From: Watson Ladd <watsonbladd@xxxxxxxxx>
Date: Wed, 2 Nov 2011 13:19:52 -0500
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 02 Nov 2011 14:20:09 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; bh=YZ2V4Y+gGwja27UChmQYvhI684Qarjgskc+fJK7+czk=; b=UOxizU/WO1qoYu1g9Eu/ol8eE29eO4koYwAl130Qf6VWp3lY1lohDzZhKSYRtGHuXi kSEPqBqd+EG3Jwpn9v229P0G/sJMh7RtcanRia8px+/S0Xt50ACDB20AjHPFFsjglCeF 8Dg+bXOnMCqjPxZ9mtQxTOmCerDi6DTXODDgk=
In-reply-to: <CABqy+sptpD1myNQZYmTyMzbGwyFWgGUfyukN=KaDab4=3YrL6A@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-dev>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for discussion by the developers of Tor." <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
References: <CACsn0cmb3TAOkkctxf5uh=P1JOuY7N777fqA-QrKt85GUHANWA@xxxxxxxxxxxxxx> <CABqy+sptpD1myNQZYmTyMzbGwyFWgGUfyukN=KaDab4=3YrL6A@xxxxxxxxxxxxxx>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx

On Wed, Nov 2, 2011 at 11:45 AM, Robert Ransom <rransom.8774@xxxxxxxxx> wrote:
> On 2011-11-02, Watson Ladd <watsonbladd@xxxxxxxxx> wrote:
>> Dear All,
>[...omitted..]
>
>> Right now Tor encrypts the streams of data from a client to a OR with
>> AES-CTR and no integrity checks.
>
> Bullshit. ÂWe have a 32-bit-per-cell integrity check at the ends of a circuit.
So let's say that I am a malicious 1st hop and a malicious 3rd hop,
and I want to find out. If I have known plaintext I can modify it, say
the packet type headers.  Then the third router will see nonsense and
know that it this circuit is compromised. The second router can detect
this with my proposal, it
cannot right now. Ends of circuit alone are not enough.
>
>
> Robert Ransom
> _______________________________________________
> tor-dev mailing list
> tor-dev@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
>
Sincerely,
Watson Ladd


-- 
"Those who would give up Essential Liberty to purchase a little
Temporary Safety deserve neitherÂ Liberty nor Safety."
-- Benjamin Franklin
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Follow-Ups:
- Re: [tor-dev] A concrete proposal for crypto (at least part of it)
  - From: Nick Mathewson
- Re: [tor-dev] A concrete proposal for crypto (at least part of it)
  - From: Paul Syverson

References:
- [tor-dev] A concrete proposal for crypto (at least part of it)
  - From: Watson Ladd
- Re: [tor-dev] A concrete proposal for crypto (at least part of it)
  - From: Robert Ransom

Prev by Author: [tor-dev] A concrete proposal for crypto (at least part of it)
Next by Author: [tor-dev] Rewriting tor-spec to be crypto agnostic
Previous by thread: Re: [tor-dev] A concrete proposal for crypto (at least part of it)
Next by thread: Re: [tor-dev] A concrete proposal for crypto (at least part of it)
Index(es):
- Author
- Thread