[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] MITM attack on TLS

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] MITM attack on TLS
From: Ivan Markin <twim@xxxxxxxxxx>
Date: Sun, 22 Nov 2015 00:04:22 +0000
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 21 Nov 2015 19:04:05 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak; t=1448150632; bh=i65ODXoa8fG7G69crmGdpjJkeHkhCnWmG89ZBEPVAKE=; h=Subject:To:References:From:Date:In-Reply-To:From; b=aKS899OUCA9NoIY1GfYvGg6bS1e1uvtBQVj5vC1+LlbdbRvnAQ5bWjmPiuzPoqP6V cT4urIUI0RQprabvg0u+ogQflkycB+1d+JZefPVWjAzEs+4oxFuePHaPOxotSHLPuA MEe148He9mhmMuug7GKZ22hXhtipZIAwp6FEmWhU=
In-reply-to: <CB9A51F6-E030-4D70-92BA-CD7550489700@xxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <CAPjf7ZXsPCo2U0rXD2uXWsrxc5Do=9_1KUyY1JrU+gYztNdXbg@xxxxxxxxxxxxxx> <564F9FD7.3060803@xxxxxxxxxx> <AA7E7174-841B-4710-BFFA-0CE406F9F22F@xxxxxxxxx> <564FA467.3060905@xxxxxxxxxx> <CAB7TAMmfAUO1+_kFhMXvSKGZCaBp-ZuMQ8BzHYt_GqphojEofA@xxxxxxxxxxxxxx> <8AAB7E6C-291F-41B8-B8DC-C0D4CB2F37B9@xxxxxxxxx> <20151121214350.GF16523@xxxxxxxxxxxxxx> <CAB7TAMn2R01A7po+bpZX34RDgWZ4CMv2PqZi7vvDaj4fMRz0ww@xxxxxxxxxxxxxx> <20151121223649.298b9699.mbm@xxxxxxxxxx> <A1CE5E38-FCEE-4C34-B900-E72982307FE8@xxxxxxxxx> <5650FDA0.2030709@xxxxxxxxxx> <CB9A51F6-E030-4D70-92BA-CD7550489700@xxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

Justin:
> Because decrypting all traffic at the gateway slows down the 
> Internet, so heâs going to have to decide what to decrypt.

Not much. I'm pretty sure that lag would not be even perceptible. When
I'm using Tor my traffic encrypts so many times... I haven't noticed any
significant visible slowdown.
Ciphers are pretty fast now. AES is even in hardware [see AES-NI].

> My threat model assumes that Meek-Google will be broken.  It also
> assumes that the Amazon and Azure versions may be broken.  Should
> they all be broken, I will switch to another transport.

If TLS is broken via CA cert then it's broken (no matter which).

-- 
Ivan Markin
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] MITM attack on TLS
  - From: Justin Davis
- Re: [tor-talk] MITM attack on TLS
  - From: Ivan Markin
- Re: [tor-talk] MITM attack on TLS
  - From: Justin
- Re: [tor-talk] MITM attack on TLS
  - From: Ivan Markin
- Re: [tor-talk] MITM attack on TLS
  - From: Allen
- Re: [tor-talk] MITM attack on TLS
  - From: Justin
- Re: [tor-talk] MITM attack on TLS
  - From: Andreas Krey
- Re: [tor-talk] MITM attack on TLS
  - From: Allen
- Re: [tor-talk] MITM attack on TLS
  - From: mick
- Re: [tor-talk] MITM attack on TLS
  - From: Justin
- Re: [tor-talk] MITM attack on TLS
  - From: Ivan Markin
- Re: [tor-talk] MITM attack on TLS
  - From: Justin

Prev by Author: Re: [tor-talk] MITM attack on TLS
Next by Author: Re: [tor-talk] Russia actually kind of cracked (?) Tor
Previous by thread: Re: [tor-talk] MITM attack on TLS
Next by thread: Re: [tor-talk] MITM attack on TLS
Index(es):
- Author
- Thread