[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: OSI 1-3 attack on Tor? in it.wikipedia
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Steve Southam wrote:
> Can you fake out the onion keys of the routers the client thinks it's using?
thank god no!
that's the whole point of encrypting the communications and sharing the
public keys fingerprints inside tor sources.
a man in the middle can reroute traffic through his nodes but it will be
useless (except for sending your connections to /dev/null) as it can't
fake the private keys of each node.
In the italian wikipedia article, the author is wrongly assuming that
public keys for directory authorities will be exchanged through
Internet, so they can be easily spoofed, while they're already safe
inside your client.
ciao
- --
Marco Bonetti
Slackintosh Linux Project Developer: http://workaround.ch/
Linux-live for powerpc: http://workaround.ch/pub/rsync/mb/linux-live/
My webstuff: http://sidbox.homelinux.org/
My GnuPG key id: 0x86A91047
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFHs0syE3eWALCzdGwRAg96AJ9HvuOd5U4ZHkNcV8eEr8WfNLUnggCfTwII
WNQoSSh62Tp0g1CJZHv5beA=
=2FgM
-----END PGP SIGNATURE-----