[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

UDP.

To: or-talk@xxxxxxxxxxxxx
Subject: UDP.
From: Watson Ladd <watsonbladd@xxxxxxxxx>
Date: Tue, 16 May 2006 19:26:57 -0400
Delivered-to: archiver@seul.org
Delivered-to: or-talk-outgoing@seul.org
Delivered-to: or-talk@seul.org
Delivery-date: Tue, 16 May 2006 19:27:24 -0400
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:mime-version:content-transfer-encoding:message-id:content-type:to:from:subject:date:x-pgp-agent:x-mailer; b=q4jsI1K91UKLxOhv2j3PliQIZl8IZqtzjEDrh2kIaVVVdy2B9ZrMOj3r83rZhKj5y6l0VB4g7WyOoZ+IcmSnKWz9ZVzmilHqmvsuIgDy2fH3hDCKu1T0z0kshkM008xUOt0zccZCtKTs1dB7KaxrKraQg5vqiGgKZkmOl9QxVpQ=
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

I saw some problems in the UDP proposal. First, the keystream is the same for each consecutive UDP packet except for the first and last byte and being shifted down once in counter mode. CBC mode would stop that. Secondly a TCP connection is being opened and unused. Why? How does the exit node know what circuit the packets belong to? Different source ports in outgoing UDP packets? Will IGMP play nicely with Tor? Some is just vagueness, some is security issues.

I think a statement in the docs saying CBC is the official cipher mode of Tor would prevent future misuse of modes of operation.

Sincerely,
Watson Ladd
---

"Those who would give up Essential Liberty to purchase a little Temporary Safety deserve neither Liberty nor Safety." -- Benjamin Franklin

Attachment: PGP.sig
Description: This is a digitally signed message part

Prev by Author: Re: TOR on Academic networks (problem)
Next by Author: Re: TOR on Academic networks (problem)
Previous by thread: DNS related-ideas
Next by thread: Error 403
Index(es):
- Author
- Thread