[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Tor security advisory: Debian flaw causes weak identity keys

To: or-talk@xxxxxxxxxxxxx
Subject: Re: Tor security advisory: Debian flaw causes weak identity keys
From: coderman <coderman@xxxxxxxxx>
Date: Tue, 13 May 2008 11:11:18 -0700
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Tue, 13 May 2008 14:11:24 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=MhV8idpDatWF1rEdqwokI24wDIYzOeS9yvx05ZckjdA=; b=KYZGvbXfz4aAbkEt4LgCeVP40oxZPg8qhQ2Exs02attbY10JIZJzL7E0R8objYx1/ZQAl4mE6U8OAOibIL9RQNH4roBX1jtM9h0cOr57g8PHMkihLlmsjg2zRkShyEKdcgqNYVDunBYZgxTTVKtv4wACv0DMLlbXQFJHlwlXwEI=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=oYVUwhE2+2UUuZDK6VCapGHlUSdEiSwMFZpRTwbXsemdUltyco35eTVyHXvebtpzZDeJjEOKZQ69weAOFOxSEbKkd9bheoLDEy6zyAGydd58HgJr+vtH2jGh+r7x6goSglfoOIt/EqR2OeGbMfuP75SlL77g3LygCcT6pRx94Ew=
In-reply-to: <20080513155535.GA18848@xxxxxxxxxxxxxx>
References: <20080513155535.GA18848@xxxxxxxxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

On Tue, May 13, 2008 at 8:55 AM, Roger Dingledine <arma@xxxxxxx> wrote:
> ...
>  Finally, while we don't know of any attacks that will reveal the
>  location of a weak-key hidden service, an attacker could derive its
>  secret key and then pretend to be the hidden service.


MITM'ing an .onion; now that's quite a trick...

References:
- Tor security advisory: Debian flaw causes weak identity keys
  - From: Roger Dingledine

Prev by Author: Re: List of exit nodes wanted
Next by Author: Re: security of systems using Tor < 0.2.0.26 [was: JanusVM ...]
Previous by thread: Tor security advisory: Debian flaw causes weak identity keys
Next by thread: Re: Tor security advisory: Debian flaw causes weak identity keys
Index(es):
- Author
- Thread