[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: The dh small subgroup confinement attack and Tor

Ringo wrote:
> Hey Tor,
> I was watching a presentation today
> (http://www.youtube.com/watch?v=ySQl0NhW1J0) and saw that this attack
> applied to some of the cryptography Tor uses. I googled around and
> couldn't find any information about where this attack would apply in Tor
> or if it had been fixed. It could be that this attack would still apply
> but that the way Tor implements the crypto, it's risks are negated.
> Is there anybody who can clear up my confusion?
Tor uses a subgroup of the units group mod p of prime order, preventing
small subgroup confinement.
> Thanks,
> Ringo

Attachment: signature.asc
Description: OpenPGP digital signature