[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Counter Galois Onion: A New Proposal for Forward-Secure Relay Cryptography

To: <tor-dev@xxxxxxxxxxxxxxxxxxxx>
Subject: Re: [tor-dev] Counter Galois Onion: A New Proposal for Forward-Secure Relay Cryptography
From: "Tomer Ashur" <tomer.ashur@xxxxxxxxxxxxxxxx>
Date: Tue, 24 Sep 2019 00:33:26 +0200
Cc: martijn@xxxxxxxxx
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 23 Sep 2019 18:33:45 -0400
In-reply-to: <CAKDKvuy3B+TRvavVRgKT_6pqFTNXPxwuMx7vj=FvhnCyXhGMYA@mail.gmail.com>
List-archive: <http://lists.torproject.org/pipermail/tor-dev/>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
References: <CADhQzSth3EXD8gBT22n_qpFLT2PjRHtDnafbkCAWz2v96g+rnA@mail.gmail.com> <CAKDKvuy3B+TRvavVRgKT_6pqFTNXPxwuMx7vj=FvhnCyXhGMYA@mail.gmail.com>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>
Thread-index: AQHa9K+bTZCTkDX/YIojTURr6ZiVwQJxFvHEpxrXCeA=

Hi Nick, all,

> It would also be interesting to know what the ADL authors think of this proposal too -- most of us at Tor aren't cryptographers ourselves.

We're looking into it. If indeed this proposal delivers on its claims we'll be happy to endorse it over Proposal 295. Will try to get back to you soon. 

Tomer 

-----Original Message-----
From: tor-dev <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx> On Behalf Of Nick Mathewson
Sent: Sunday, September 15, 2019 3:26 AM
To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Cc: martijn@xxxxxxxxx
Subject: Re: [tor-dev] Counter Galois Onion: A New Proposal for Forward-Secure Relay Cryptography

On Thu, Sep 12, 2019 at 6:34 PM Jean Paul Degabriele <jpdega@xxxxxxxxx> wrote:
>
> Hello tor-devs,
>
> Martijn Stam and myself have previously worked on analysing the 
> security of proposal 261. Together with Martijn's PhD student, 
> Alessandro Melloni, we have now written a proposal for an onion 
> encryption scheme as an alternative to Proposals 261 and 295. It 
> builds on the GCM-RUP construction from [ADL17] but it offers a number 
> of improvements over proposal 295. In addition to addressing the 
> issues described below we expect it to offer better performance. We 
> are currently working on a security proof and potential efficiency 
> optimisations for this scheme. In the meantime, we would be very happy 
> to hear what you think and any feedback you may have. If something is unclear, please let us know.
>

Thank you!  I've added this as proposal 308.  I'll be looking it over with interest in the near future.

One thing that helps me understand this kind of proposal is writing or examining a reference implementation for it, so I can see clearly what state is kept, which party does what, and so on.  I did one for proposal 295 as https://github.com/nmathewson/prop295ref -- I hope I can get a reference implementation together for this one too, unless you're already on it.

It would also be interesting to know what the ADL authors think of this proposal too -- most of us at Tor aren't cryptographers ourselves.

thanks again, and best wishes,
--
Nick
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

References:
- [tor-dev] Counter Galois Onion: A New Proposal for Forward-Secure Relay Cryptography
  - From: Jean Paul Degabriele
- Re: [tor-dev] Counter Galois Onion: A New Proposal for Forward-Secure Relay Cryptography
  - From: Nick Mathewson

Prev by Author: Re: [tor-dev] Optimistic SOCKS Data
Next by Author: [tor-dev] (no subject)
Previous by thread: Re: [tor-dev] Counter Galois Onion: A New Proposal for Forward-Secure Relay Cryptography
Next by thread: [tor-dev] Preferred compression type?
Index(es):
- Author
- Thread