[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] NSA has cracked web encryption!

07.09.2013 19:41, Nick Mathewson:
No need to worry, no lengthy content, just adding links.

> On Sat, Sep 7, 2013 at 12:02 PM, krishna e bera <keb@xxxxxxxxxxxxxx> wrote:

> I want to fix all that in 0.2.5 -- see proposal 220 [3], and George
> Kadianakis's draft hidden service improvements, and so forth.  I'd
> like to see a Tor that can run with no reliance 1024-bit Z_p crypto
> inside the next three to six months, if at all possible.

Proposal 220
- with line numbers:


- without:


> (One issue here is that designing ECC groups is not an exercise for
> the likes of me. Using a curve that we made up ourselves would pretty
> much guarantee using cryptographic code we implemented ourselves,
> which is not the wisest thing in the world.  Maybe in a few months DJB
> or somebody will start pushing a "curve38331" or "curve511187"[4] or
> something like that.  If that's so, you can bet we'll be jumping.)
> Symmetric key:
> We're using AES128.  I'm hoping to move to XSalsa20 [...]

> [3] This only works once users and relays start upgrading to 0.2.4
> though.  Please upgrade!
> [4] These curve names are completely hypothetical.

tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsusbscribe or change other settings go to