[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #5460 [Tor Client]: Write proposal(s) to evaluate circuit crypto authentication

To: undisclosed-recipients:;
Subject: [tor-bugs] #5460 [Tor Client]: Write proposal(s) to evaluate circuit crypto authentication
From: "Tor Bug Tracker & Wiki" <torproject-admin@xxxxxxxxxxxxxx>
Date: Fri, 23 Mar 2012 20:19:49 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 23 Mar 2012 16:20:01 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: Tor bug tracker status mails <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#5460: Write proposal(s) to evaluate circuit crypto authentication
------------------------+---------------------------------------------------
 Reporter:  mikeperry   |          Owner:       
     Type:  defect      |         Status:  new  
 Priority:  major       |      Milestone:       
Component:  Tor Client  |        Version:       
 Keywords:              |         Parent:  #5456
   Points:              |   Actualpoints:       
------------------------+---------------------------------------------------
 We need to write a proposal to determine the best way to provide
 authentication to our circuit crypto, so that cells that have been
 tagged/tampered with/duplicated cause circuit failure at the 2nd hop, not
 the third.

 As I understand it, there are two competing possibilities:

 1. Self-authenticating crypto (BEAR/LION/LIONESS, others?)
 2. Per-hop MAC

 The main disadvantage of 1 is that it's likely slow and not very many
 people use it. The disadvantage of 2 is that it requires us to disclose
 path length count and position to nodes, as well as have MACs that either
 grow with increased path length, or become less secure with increased path
 length.

 There are probably other issues. I believe the current plan is to produce
 both options in one or more proposals and compare and contrast them.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5460>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Follow-Ups:
- Re: [tor-bugs] #5460 [Tor Client]: Write proposal(s) to evaluate circuit crypto authentication
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #5460 [Tor Client]: Write proposal(s) to evaluate circuit crypto authentication
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #2733 [Vidalia]: Option to filter message log output by search term
Next by Author: Re: [tor-bugs] #5459 [Torflow]: Exit scanner should scan for Guard <-> Exit reachability
Previous by thread: Re: [tor-bugs] #5459 [Torflow]: Exit scanner should scan for Guard <-> Exit reachability
Next by thread: Re: [tor-bugs] #5460 [Tor Client]: Write proposal(s) to evaluate circuit crypto authentication
Index(es):
- Author
- Thread