Re: Newbie's questions
- To: or-talk@xxxxxxxxxxxxx
- Subject: Re: Newbie's questions
- From: coderman <coderman@xxxxxxxxx>
- Date: Tue, 27 Feb 2007 11:08:42 -0800
- Delivered-to: archiver@seul.org
- Delivered-to: or-talk-outgoing@seul.org
- Delivered-to: or-talk@seul.org
- Delivery-date: Tue, 27 Feb 2007 14:08:59 -0500
- In-reply-to: <45E44FDB.9080009@csuohio.edu>
- References: <857578.70805.qm@web23311.mail.ird.yahoo.com>	 <45E44FDB.9080009@csuohio.edu>
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
On 2/27/07, Michael Holstein <michael.holstein@xxxxxxxxxxx> wrote:
...
>> (2) Can the green line be cracked by intercepting the packets or headers?
>
> An attack against AES that's more effective than brute force is not (yet)
> known, so I'd say "probably not", although TOR developers are clear to
> tell you it doesn't defend against a "global adversary" (e.g.
> $3_letter_agencies).

this is actually more complicated to answer; namely implementation
specific in the context of an active attacker.  consider an AES cache
timing attack which can recover AES secrets remotely over the network
with modest effort:

http://cr.yp.to/antiforgery/cachetiming-20050414.pdf

there are similar side channels (exploiting pipelining, L1/L2 cache
latency, and other CPU capabilities) against public key and symmetric
cipher implementations in software.

while not a dire threat this is something to consider in your threat
model and one reason i am a big fan of hardware cipher implementations
like VIA Padlock.