[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Hello I have a few question about tor network

To: "tor-talk@xxxxxxxxxxxxxxxxxxxx" <tor-talk@xxxxxxxxxxxxxxxxxxxx>
Subject: Re: [tor-talk] Hello I have a few question about tor network
From: Alexandre Guillioud <blackdeamon38@xxxxxxxxx>
Date: Thu, 31 Dec 2015 15:13:03 +0100
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 31 Dec 2015 09:13:21 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=QVGZeqN6cmnpOeqO4RPQqGHNRs6zsUBWgqNEk/rz1qQ=; b=W7XlcvTDXrCQyJ4IKX5NZcjtXHBSqE0A37q/U/aD1kXDmTPOLAXPamrD4hMMP0cR/3 w042e/yW0suYtnb4NQQn3Vw5KSeCzTMXEwbFC8fr0PMjv9va4riE1qAuX637h4PrM96g g1RKtFoRt68waLlX4N9f2wyM5LJkuhA8Q/2NS2EEo/FlyimCE3ZuzA88dSW6OBMcY6Vx MhvpLW7UJMXR6YndVkCcCpyhT53LkdFP2qQekK5MW7QNQWKOl/bhHsgcx9wisRmZ3R5P ys4kXcfGIH5pAhsG8mgKno2apXmOGyYgMVNndf/7NrJsqPg6c+2SamgrU1hy2xYs9YlU SLbw==
In-reply-to: <20151231140606.GG27095@xxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <34e1536b62d7b9ce1ba867f0fa59c8@xxxxxxxxxxxxxxxxxxxxxxx> <1705812.7vP645ThCe@home> <n62t6i$c5o$1@xxxxxxxxxxxxx> <4487129.Pq0bu5ingc@home> <20151231140606.GG27095@xxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

" That's definitely an improvement, although there's an issue in the long
run that the crypto in HTTPS is getting better faster than the crypto
in Tor's hidden services implementation. :-) "

I don't understand why you are saying that this is an 'issue'.
If one of the crypto tech is getting better, the tor stack will be improved
in its whole, isn't it ?

Moreover, i've read that some 'ssl authoritie' is now allowing registration
of .onion domains.

Le jeudi 31 dÃcembre 2015, Seth David Schoen <schoen@xxxxxxx> a Ãcrit :

> Aeris writes:
>
> > > Does it apply also to traffic going from/to hidden services? How safe
> are
> > > users of hidden services when compared to users that browse clearnet
> with
> > > Tor?
> >
> > Correlation is possible but very more difficult, because 3 nodes for
> client to
> > rendez-vous points, then 3 others for rendez-vous to HS.
>
> As I said in my previous message, I don't think this is the case because
> the correlation just requires seeing the two endpoints of the connection,
> even without knowing the complete path.  This is even possible with
> a hidden service because the server that provides the hidden service
> also uses an entry guard of its own, which is the "endpoint" for traffic
> correlation purposes when a user is contacting the hidden service, despite
> the much longer (and so harder to observe) path within the Tor network.
>
> The lack of security improvement from longer path lengths is described in
>
> https://www.torproject.org/docs/faq.html.en#ChoosePathLength
>
> > Strength of HS is also to not have clearnet output, even if the Â exit Â
> node
> > of one of the circuits id compromised, an attacker canât access clear
> data.
> > Not the case on the standard case, when compromised exit node have
> access to
> > all the user data if HTTPS is not used.
>
> That's definitely an improvement, although there's an issue in the long
> run that the crypto in HTTPS is getting better faster than the crypto
> in Tor's hidden services implementation. :-)
>
> --
> Seth Schoen  <schoen@xxxxxxx <javascript:;>>
> Senior Staff Technologist                       https://www.eff.org/
> Electronic Frontier Foundation                  https://www.eff.org/join
> 815 Eddy Street, San Francisco, CA  94109       +1 415 436 9333 x107
> --
> tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx <javascript:;>
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Hello I have a few question about tor network
  - From: Seth David Schoen

References:
- Re: [tor-talk] Hello I have a few question about tor network
  - From: Aeris
- Re: [tor-talk] Hello I have a few question about tor network
  - From: Oskar Wendel
- Re: [tor-talk] Hello I have a few question about tor network
  - From: Aeris
- Re: [tor-talk] Hello I have a few question about tor network
  - From: Seth David Schoen

Prev by Author: [tor-talk] staggeringly unhelpful
Next by Author: [tor-talk] regression in torproxy 2.7.4?
Previous by thread: Re: [tor-talk] Hello I have a few question about tor network
Next by thread: Re: [tor-talk] Hello I have a few question about tor network
Index(es):
- Author
- Thread