[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] NSA supercomputer

Thus spake unknown (unknown@xxxxxxxxx):

> On Sat, 6 Apr 2013 23:54:34 -0400 cmeclax
> <cmeclax-sazri@xxxxxxxxxxxxxxxx> wrote:
> > *The NSA runs a Tor relay called Eve. It's picked as the rendezvous
> > point for a hidden service. Can Eve read the plaintext?
> No.  Encryption with HS is end-to-end in any case.  Eve cannot reroute
> data to fake HS without knowledge of onion identity private key.
> Active (Mallory) attacker can drop or modulate circuits stream without
> decryption.
> Worse attack scenario: obtain a copy of identity private keys >50% DA
> -- Directory Authority nodes (undercover operations, installing bugs,
> TEMPEST, etc) and full emulate connection with fake consensus to
> virtual Tor network through DPI on ISP-level and decrypt all the
> traffic on the fly.

I think this attack is actually easier to defend against than identity
key theft right now. It would seem to me that what you really want to do
with this attack is feed fake consensuses to certain clients to capture
their traffic.

People who suspect they may be such targets can record hashes of their
consensuses using a Tor Controller, and later verify that hash history
against our archives (https://metrics.torproject.org/data.html), or
ideally against other people also running such a controller and
mirroring their consensus hash history results:

I think an initial prototype of something like this shouldn't be too
hard to hack up with a well-documented controller library such as Stem:

I would be happy to help mentor someone to do this for GSoC, etc.

Mike Perry

Attachment: signature.asc
Description: Digital signature

tor-talk mailing list