[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] The consequences of key compromise (or the reasons for changing)

To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-dev] The consequences of key compromise (or the reasons for changing)
From: Marsh Ray <marsh@xxxxxxxxxxxxxxxxxx>
Date: Fri, 04 Nov 2011 10:46:00 -0500
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 04 Nov 2011 12:20:40 -0400
In-reply-to: <2D7068C8-FF28-4355-8B18-6467E94FF0E8@xxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-dev>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for discussion by the developers of Tor." <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
References: <CACsn0ckj86xFTBvfakVVJYMwK3nkWq4W6RtZ174hWBwddMSc4Q@xxxxxxxxxxxxxx> <2D7068C8-FF28-4355-8B18-6467E94FF0E8@xxxxxx>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.23) Gecko/20110921 Thunderbird/3.1.15

On 11/04/2011 01:39 AM, Jon Callas wrote:


It's certainly laudable to worry about TLAs with ASICs. They probably
can't break 80-bit crypto yet, but that's why you need to get off of
it now.

On the other hand, no TLA worth their salt is buying ASICs to crack
crypto. They are buying zero-day kernel 'sploits. That's how the
Germans are beating Skype. Keep that in perspective. The half life of
an ASIC is 18 months. Zero-days are much more effective and much
cheaper.

I think this does not follow. Just because they are buying 0-daysdoesn't mean that they are not also buying ASICs (or at least FPGAs). Myguess is that there are some adversaries with more money forcybershenanigans than they know what to do with right now.


- Marsh
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

References:
- [tor-dev] The consequences of key compromise (or the reasons for changing)
  - From: Watson Ladd
- Re: [tor-dev] The consequences of key compromise (or the reasons for changing)
  - From: Jon Callas

Prev by Author: Re: [tor-dev] SHA-3 isn't looking so hot to me
Next by Author: Re: [tor-dev] Proposal 189: AUTHORIZE and AUTHORIZED cells
Previous by thread: Re: [tor-dev] The consequences of key compromise (or the reasons for changing)
Next by thread: [tor-dev] Subject: Re: The consequences of key compromise (or the reasons for changing)
Index(es):
- Author
- Thread