[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: OSI 1-3 attack on Tor? in it.wikipedia

F. Fox wrote:
> Hash: SHA256
> Anon Mus wrote:
> (snip)
>> Not quite true.
> (snip)
>> 3. Attacker has a list of known public/private key pairs. These are
>> generated over the years by government security service
>> and their own secure network computers (around the world). Such
>> are
>> regularly swapped between 'friendly' countries and are fro sale on
>> black market. Given any tor nodes public key, the attacker looks up
>> that
>> key in the list and it returns the tor nodes genuine private key,
>> it
>> has it in its list. (Interesting note: here you have to imagine that
>> there is software of out there, like the tor network itself, which
>> could
>> be used for generating and acquiring billions of key pairs a year
>> millions of networked computers world wide. You only need to store
>> key pairs such networked software generates after they have finished
>> with them.)
> (snip)
> Umm... unless you're talking about lists of *compromised* keys (i.e.,
> stolen, like via malware), then this is pure FUD. Trying to figure
> the private key by other means, is pretty infeasible.
ahhh ... well you don't appear to understand even the basics of public 
(private) key encryption so its not suprising you reckon its "pure

FYI - the keys exist in UNIQUE pairs - a public key and a private key.

They are related by mathematically and they are both prime numbers.
They may be calculated by software, so you don't have to compromise
They may be read form a file. The contents of any file may be stolen by


Of course you may not really be than dumb.

Whether you are or not makes no difference. Why chip in such a 
misleading statement?

I must say, I feel that 3 very deliberate and clumbsy attempts have
to shoot down such a VERY obvious and sound scenario.

Why so?

Are we here not interested in protecting our anonymity ? or are we 
really here just protecting the reputation of tor?

IMHO - the soundness of any tor software would protects it reputation -

not obvious disinformation.


Be a better friend, newshound, and 
know-it-all with Yahoo! Mobile.  Try it now.  http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ