[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: one less onion skin

To: or-talk@xxxxxxxxxxxxx
Subject: Re: one less onion skin
From: James Muir <jamuir@xxxxxxxxxxxxxxx>
Date: Wed, 07 Mar 2007 01:07:06 -0500
Delivered-to: archiver@seul.org
Delivered-to: or-talk-outgoing@seul.org
Delivered-to: or-talk@seul.org
Delivery-date: Wed, 07 Mar 2007 01:07:02 -0500
In-reply-to: <45EE4DD4.9040701@ironkey.com>
References: <45EE3B64.7060909@scs.carleton.ca> <45EE460E.4040306@ironkey.com> <45EE488D.5050402@scs.carleton.ca> <45EE4DD4.9040701@ironkey.com>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Thunderbird 1.5.0.9 (X11/20070104)

Steve Southam wrote:

I'm not sure if this really happens, but if you have a connection open to an OR and a new circuit is required through it, couldn't ORn-1 send a CREATE_FAST to ORn?

I suppose that could happen, since the OP controls what commands are sent down the circuit to OR_{n-1}. However, I don't think it would be a good idea. If OR_{n-1} sent a CREATE_FAST message to OR_n then OR_{n-1} would learn the value of the AES key that OR_n shares with the OP.

The only legitimate situation in which a CREATE_FAST should be used is to do key agreement with OR_1.

-James

References:
- one less onion skin
  - From: James Muir
- Re: one less onion skin
  - From: Steve Southam
- Re: one less onion skin
  - From: James Muir
- Re: one less onion skin
  - From: Steve Southam

Prev by Author: Re: Building tracking system to nab Tor pedophiles
Next by Author: Re: one less onion skin
Previous by thread: Re: one less onion skin
Next by thread: Re: one less onion skin
Index(es):
- Author
- Thread