[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: OSI 1-3 attack on Tor? in it.wikipedia
F. Fox wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
> Anon Mus wrote:
>> Not quite true.
>> 3. Attacker has a list of known public/private key pairs. These are
>> generated over the years by government security service
>> and their own secure network computers (around the world). Such
>> regularly swapped between 'friendly' countries and are fro sale on
>> black market. Given any tor nodes public key, the attacker looks up
>> key in the list and it returns the tor nodes genuine private key,
>> has it in its list. (Interesting note: here you have to imagine that
>> there is software of out there, like the tor network itself, which
>> be used for generating and acquiring billions of key pairs a year
>> millions of networked computers world wide. You only need to store
>> key pairs such networked software generates after they have finished
>> with them.)
> Umm... unless you're talking about lists of *compromised* keys (i.e.,
> stolen, like via malware), then this is pure FUD. Trying to figure
> the private key by other means, is pretty infeasible.
ahhh ... well you don't appear to understand even the basics of public
(private) key encryption so its not suprising you reckon its "pure
FYI - the keys exist in UNIQUE pairs - a public key and a private key.
They are related by mathematically and they are both prime numbers.
They may be calculated by software, so you don't have to compromise
They may be read form a file. The contents of any file may be stolen by
Of course you may not really be than dumb.
Whether you are or not makes no difference. Why chip in such a
I must say, I feel that 3 very deliberate and clumbsy attempts have
to shoot down such a VERY obvious and sound scenario.
Are we here not interested in protecting our anonymity ? or are we
really here just protecting the reputation of tor?
IMHO - the soundness of any tor software would protects it reputation -
not obvious disinformation.
Be a better friend, newshound, and
know-it-all with Yahoo! Mobile. Try it now. http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ