
Re: [tor-dev] obfs4 questions




On 29/11/14 00:35, Yawning Angel wrote:
> On Fri, 28 Nov 2014 17:57:26 +0000 Michael Rogers
> <michael@xxxxxxxxxxxxxxxx> wrote:
> 
>> On 28/11/14 15:50, Yawning Angel wrote:
>>> A one time poly1305 key is calculated for each box, based on
>>> 32 bytes of zeroes encrypted with a one time Salsa20
>>> key/counter derived from the nonce and the box key.  You can
>>> view the use of Salsa20 there as an arbitrary keyed hash
>>> function (in the case of the original paper, AES was used).
>>> 
>>> Hope that clarifies things somewhat,
>> 
>> Thanks - this is similar to the argument I came up with. I called
>> my argument hand-wavy because it relies on HSalsa20 and Salsa20
>> being PRFs, and I don't know how big an assumption that is.
> 
> For what it's worth "7 Nonce and stream" both support using a
> counter here as the nonce, and refers to 'The standard ("PRF")
> security conjecture for Salsa20'.  IIRC the security proof for the
> extended nonce variants also hinges on the underlying algorithms
> being PRFs as well, so it's something I'm comfortable in assuming.
> 
> http://cr.yp.to/highspeed/naclcrypto-20090310.pdf

Awesome, thanks!

Cheers,
Michael

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
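
The per-box Poly1305 key derivation described in the quoted message above, as an added example that is not part of the thread and is not obfs4 or NaCl source code: HSalsa20 turns the box key and the first 16 nonce bytes into a one-time Salsa20 key, and encrypting 32 zero bytes under that key with the remaining 8 nonce bytes yields the Poly1305 key. The function names and the sample key and nonce are assumptions made for illustration.

```python
import struct

SIGMA = struct.unpack("<4I", b"expand 32-byte k")
# Quarter-round word indices: one column round followed by one row round.
QR_ORDER = [(0, 4, 8, 12), (5, 9, 13, 1), (10, 14, 2, 6), (15, 3, 7, 11),
            (0, 1, 2, 3), (5, 6, 7, 4), (10, 11, 8, 9), (15, 12, 13, 14)]

def _rotl(v, n):
    return ((v << n) | (v >> (32 - n))) & 0xFFFFFFFF

def _rounds(key, inp16):
    """Lay out the Salsa20 state and apply 20 rounds; return (initial, final)."""
    k, n = struct.unpack("<8I", key), struct.unpack("<4I", inp16)
    init = [SIGMA[0], *k[:4], SIGMA[1], *n, SIGMA[2], *k[4:], SIGMA[3]]
    x = list(init)
    for _ in range(10):  # 10 double rounds = 20 rounds
        for a, b, c, d in QR_ORDER:
            x[b] ^= _rotl((x[a] + x[d]) & 0xFFFFFFFF, 7)
            x[c] ^= _rotl((x[b] + x[a]) & 0xFFFFFFFF, 9)
            x[d] ^= _rotl((x[c] + x[b]) & 0xFFFFFFFF, 13)
            x[a] ^= _rotl((x[d] + x[c]) & 0xFFFFFFFF, 18)
    return init, x

def hsalsa20(key, nonce16):
    """Derive a 32-byte subkey: selected state words, no feed-forward addition."""
    _, x = _rounds(key, nonce16)
    return struct.pack("<8I", x[0], x[5], x[10], x[15], x[6], x[7], x[8], x[9])

def salsa20_block(key, nonce8, counter=0):
    """One 64-byte Salsa20 keystream block (final state plus initial state)."""
    init, x = _rounds(key, nonce8 + struct.pack("<Q", counter))
    return struct.pack("<16I", *((a + b) & 0xFFFFFFFF for a, b in zip(init, x)))

def secretbox_poly1305_key(box_key, nonce24):
    """One-time Poly1305 key: 32 zero bytes encrypted under XSalsa20."""
    subkey = hsalsa20(box_key, nonce24[:16])          # one-time Salsa20 key
    block0 = salsa20_block(subkey, nonce24[16:], 0)   # keystream block 0
    return bytes(z ^ s for z, s in zip(bytes(32), block0))

if __name__ == "__main__":
    box_key = bytes(range(32))     # constructed sample key
    nonce = bytes(range(100, 124))  # constructed sample 24-byte nonce
    print(secretbox_poly1305_key(box_key, nonce).hex())
```

Because the key depends on the nonce, reusing a nonce under the same box key reuses the Poly1305 key as well as the keystream.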