Re: OSI 1-3 attack on Tor? in it.wikipedia

Jan Reister wrote:
> Il 14/02/2008 13:36, Anon Mus ha scritto:
>> A. Attacker obtains genuine private keys by,
>> 1. Attacker sets up  a number of genuine tor servers
>> 2. Attacker infects genuine tor nodes with  spyware
> Setting up rogue (or compromised) nodes won't work for getting the 
> directory authority private keys. That makes the rest of your 
> assumption empty. As Roger pointed out:
> Jan
Hello Jan,

Again your statements are wrong.

In the scenario we are discussing the tor clients' traffic is diverted
into a faked tor network, on the whole.

The replying nodes are those which authenticate themselves with knowledge
of the ACTUAL node's private key, obtained by methods A 1-3.
So the simulated nodes just look like the real thing, when they are

Your statement that the attacker needs to control a directory authority
is a red herring!
Control of a directory authority is NOT required in this scenario. That
was made plain from the start!
Why did you inject this red herring into your argument?

[ Note this is not for debate:

And as for the directory authority, I suspect that given the private keys for
directory servers, the attacker could also simulate these.

Here's a quote from the wiki you link above.

"How do clients know what the directory servers are? The list comes with
the Tor distribution. It hard-codes their locations and their public
keys. So the only way to trick the user into using a fake Tor network is
to give them a specially modified version of the software."

So to trick the user (tor client) into thinking it was using a genuine
network all it would need is the private keys of the directory server
(as the public ones are already published); again these could be obtained
by methods A 1-3. As these PRIVATE keys are available in an UNENCRYPTED
file on the directory servers themselves. The same is true on every tor
server in the entire tor network!]
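The quoted wiki passage describes the trust anchor that the whole thread turns on: the client ships with the directory authorities' public keys pinned, so a directory document is only accepted if it verifies under one of those keys. The following Python model is an added example, not code from this thread or from Tor itself; it uses a deliberately tiny textbook-RSA signature (constructed primes, no padding, purely illustrative) so it runs offline, and the authority names, documents and keys are all constructed. It shows what a pinned-key check does and does not protect against: redirecting traffic or adding a rogue authority is rejected, a tampered document is rejected, and the only case the check cannot catch is the one the thread is arguing about, a document signed with the genuine authority's own private key, which is why protecting that key file matters.

```python
import hashlib

# Toy textbook RSA on fixed, constructed primes. This is NOT a secure signature
# scheme; it exists only so the pinned-key check below is runnable offline.
def make_keypair(p: int, q: int, e: int = 65537):
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))  # Python 3.8+ modular inverse
    return (n, e), (n, d)              # (public, private)

def _digest(doc: bytes, n: int) -> int:
    # Reduce SHA-256 of the document into the RSA modulus range.
    return int.from_bytes(hashlib.sha256(doc).digest(), "big") % n

def sign(priv, doc: bytes) -> int:
    n, d = priv
    return pow(_digest(doc, n), d, n)

def verify(pub, doc: bytes, sig: int) -> bool:
    n, e = pub
    return pow(sig, e, n) == _digest(doc, n)

# Constructed key material: one genuine directory authority and one rogue key
# that an attacker controls but that the client has never pinned.
AUTH_PUB, AUTH_PRIV = make_keypair(1000000007, 998244353)
ROGUE_PUB, ROGUE_PRIV = make_keypair(1000000009, 999999937)

# Client-side trust anchors, standing in for the authority list and public keys
# that the wiki quote says ship hard-coded with the Tor distribution.
PINNED_AUTHORITIES = {"auth-A (constructed)": AUTH_PUB}

def client_accepts_directory(doc: bytes, signer: str, sig: int,
                             pinned=PINNED_AUTHORITIES) -> bool:
    """Accept a directory document only if a pinned authority's key verifies it."""
    pub = pinned.get(signer)
    if pub is None:
        # An authority the client does not know is ignored outright; diverting
        # traffic at the network layer cannot add entries to this table.
        return False
    return verify(pub, doc, sig)

def demo() -> dict:
    genuine = b"consensus: relay-1, relay-2 (constructed document)"
    forged = b"consensus: attacker-relay-only (constructed document)"
    return {
        # Genuine document, genuine authority key: accepted.
        "genuine": client_accepts_directory(
            genuine, "auth-A (constructed)", sign(AUTH_PRIV, genuine)),
        # Forged document signed with a rogue key but presented under the
        # pinned authority's name: the pinned public key rejects it.
        "rogue_key": client_accepts_directory(
            forged, "auth-A (constructed)", sign(ROGUE_PRIV, forged)),
        # Forged document from an authority the client never pinned: rejected.
        "unknown_authority": client_accepts_directory(
            forged, "rogue-authority", sign(ROGUE_PRIV, forged)),
        # Genuine signature reused over a modified document: rejected.
        "tampered": client_accepts_directory(
            forged, "auth-A (constructed)", sign(AUTH_PRIV, genuine)),
        # The one case pinning cannot catch: the genuine authority's private key
        # itself has been compromised, so the forged document verifies.
        "compromised_authority_key": client_accepts_directory(
            forged, "auth-A (constructed)", sign(AUTH_PRIV, forged)),
    }

if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case:28s} accepted={accepted}")
```

The last case is the boundary of the guarantee: a pinned public key turns "can the attacker impersonate the directory?" into "does the attacker hold the authority's private key?", which is exactly why the storage and handling of that key on the authority hosts is the thing to audit.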
