[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: OSI 1-3 attack on Tor? in it.wikipedia

     Looks like OR-TALK has moved up in the world enough that it has at
last acquired a troll.
     On Fri, 15 Feb 2008 12:42:59 -0800 (PST) Anon Mus
<a_green_lantern@xxxxxxxxx> wrote
>F. Fox wrote:
>> Hash: SHA256
>> Anon Mus wrote:
>> (snip)
>>> Not quite true.
>> (snip)
>>> 3. Attacker has a list of known public/private key pairs. These are
>>> generated over the years by government security service
>>> and their own secure network computers (around the world). Such
>>> are
>>> regularly swapped between 'friendly' countries and are fro sale on
>>> black market. Given any tor nodes public key, the attacker looks up
>>> that
>>> key in the list and it returns the tor nodes genuine private key,
>>> it
>>> has it in its list. (Interesting note: here you have to imagine that
>>> there is software of out there, like the tor network itself, which
>>> could
>>> be used for generating and acquiring billions of key pairs a year
>>> millions of networked computers world wide. You only need to store
>>> key pairs such networked software generates after they have finished
>>> with them.)
>> (snip)
>> Umm... unless you're talking about lists of *compromised* keys (i.e.,
>> stolen, like via malware), then this is pure FUD. Trying to figure
>> the private key by other means, is pretty infeasible.
>ahhh ... well you don't appear to understand even the basics of public 
>(private) key encryption so its not suprising you reckon its "pure
>FYI - the keys exist in UNIQUE pairs - a public key and a private key.
>They are related by mathematically and they are both prime numbers.
>They may be calculated by software, so you don't have to compromise
>They may be read form a file. The contents of any file may be stolen by
>Of course you may not really be than dumb.
>Whether you are or not makes no difference. Why chip in such a 
>misleading statement?
>I must say, I feel that 3 very deliberate and clumbsy attempts have
>to shoot down such a VERY obvious and sound scenario.
>Why so?
>Are we here not interested in protecting our anonymity ? or are we 
>really here just protecting the reputation of tor?
>IMHO - the soundness of any tor software would protects it reputation -
>not obvious disinformation.
      Please don't feed the troll, folks!

                                  Scott Bennett, Comm. ASMELG, CFIAG
* Internet:       bennett at cs.niu.edu                              *
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *