[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Tor and HTTPS graphic

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Tor and HTTPS graphic
From: Number Six <number6@xxxxxxxxxxxxx>
Date: Thu, 08 Mar 2012 19:54:37 -0800
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 08 Mar 2012 22:54:51 -0500
Dkim-signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=elitemail.org; h= message-id:from:to:cc:mime-version:content-transfer-encoding :content-type:in-reply-to:references:subject:date; s=mesmtp; bh= oJtwqWvmhuU3ZCV7GMa9/bwvFII=; b=GfslB4ibIPxj/rMkxppH2T4owQIBDfws UmXp2Hn7G2NCV+sDUYEKMu6wqfDlZvj2YBrE6Q3kIM2CpOaPUKSo1Vic5Drz43sl 2xavEkxrEcxY2HkQHRKTju/Yzt6KVQjmT08YamAbvFfDDLEMg1abawLOewKKSVVn cw04hSjtYk4=
Dkim-signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=message-id:from:to:cc:mime-version :content-transfer-encoding:content-type:in-reply-to:references :subject:date; s=smtpout; bh=oJtwqWvmhuU3ZCV7GMa9/bwvFII=; b=UuW DhkR45ynx3aEP58L3qKD9aj1ypYpozUowq43sY1SyV33fQTO3i+6Y4k2kq19TDOV JAD5U9xWSfpXjFoKWGM0NNA0XJUhH1f4O0LIB/htzgPrFrZOt/Lq2xOFy0UtIW0f NBImuXfBPYvRXEBod/X5vsXI3JYbMFqOsyuLT8lk=
In-reply-to: <20120307002054.GO3581@sescenties.(null)>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for all discussion about theory, design, and development of Onion Routing." <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <4f5598d6.c3bd2a0a.4829.34b7SMTPIN_ADDED@xxxxxxxxxxxxx><CAKu8PSthakJ6U=KduzsYmb63jh7Rp0cikBMNMtCMWm09WsxQRw@xxxxxxxxxxxxxx><1331050953.21664.3.camel@anglachel><20120306122216.28bda348@kilik><1331060651.21664.9.camel@anglachel><20120306235018.GD21491@xxxxxxxxxxxxxxxx> <20120307002054.GO3581@sescenties.(null)>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx

On Tue, Mar 6, 2012, at 04:20 PM, Seth David Schoen wrote:
> andrew@xxxxxxxxxxxxx writes:
> 
> > The GPA is in every paper on the topic. But only Seth has the real
> > answer.
> 
> I was concerned that the graphic should not make people think that
> _no one_ can ever associate them with their browsing when they use
> Tor.  I've been taught to think of the GPA threat (and other traffic
> correlation threats) as real, so I thought people should have some
> indication of those threats.

Why do you assume that the NSA can break Tor but not HTTPS?

As I see it, if you extrapolate the timing attack literature to justify
ignoring fixing active attacks, why do you not extrapolate the work on
RSA key cracking to assume that the NSA can factor popular website keys
in bathtubs full of DNA?

Or, at the very least, why not extrapolate it to the NSA compromising
one of the 1000-some wildcard root certificates your own SSL Observatory
scan has detected?

This paywall (ie non-"dumpster available") abstract appears to indicate
that the research community is within striking distance of factoring an
RSA keys in use by many HTTPS servers today. At least, when compared to
how close timing attack research is to breaking Tor.
http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=1435370

I guess I'm just wondering: where do we draw the line?

In addition to the decentralized HTTPS certificate observatory, one
could imagine a network verifying the DH parameters are the same when
received by two endpoints of an HTTPS session. If perfect forward
secrecy is universally deployed, a bathtub full of DNA or server
compromise that yielded an RSA private key for google.com could be used
transparently to escape your decentralized observatory scan, but a
DH-recording scanning network will still see different DH parameters at
the endpoints.

But how do deploy such a network? Is planetlab up to the task? Is anyone
studying endpoint consensus on DH parameters? Shouldn't they be?

It seems like our rabbit hole is very deep. Do we really have what it
takes to watch the watchers?

I fucking hope so, but it does seem that consensus reality wrt
cryptographic security is hard to establish.

-- 
http://www.fastmail.fm - Access all of your messages and folders
                          wherever you are

_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- Re: [tor-talk] Tor and HTTPS graphic
  - From: ix4svs
- Re: [tor-talk] Tor and HTTPS graphic
  - From: Ted Smith
- Re: [tor-talk] Tor and HTTPS graphic
  - From: Andrew Lewman
- Re: [tor-talk] Tor and HTTPS graphic
  - From: Ted Smith
- Re: [tor-talk] Tor and HTTPS graphic
  - From: andrew
- Re: [tor-talk] Tor and HTTPS graphic
  - From: Seth David Schoen

Prev by Author: Re: [tor-talk] "EVIL bug" Linux Tor Browser Bundle (2.2.35-8)
Next by Author: Re: [tor-talk] Orbot and firewall?
Previous by thread: Re: [tor-talk] Tor and HTTPS graphic
Next by thread: Re: [tor-talk] Tor and HTTPS graphic
Index(es):
- Author
- Thread