[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] RFC: AEZ for relay cryptography, v2

To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-dev] RFC: AEZ for relay cryptography, v2
From: Nick Mathewson <nickm@xxxxxxxxxxxx>
Date: Sun, 29 Nov 2015 20:21:22 -0500
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sun, 29 Nov 2015 20:21:35 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:content-type; bh=XfP+P3iicn9YTpnf6NS5QkM0jbKKe1klYQYZCmZssGA=; b=GUHR5caNyoTPWPAMVADtww8YSZsjG9wKwzBopgUrrup57O7aw/8c93bFwyn885qSY0 jA5/YbCqQcq1zeXsh+F+/Xqm6tiXbekfrAmzIkU5wt9bZeL38jPIWsYNIDn1y4tAZBWY 02Tnf4p5l28upoCCSjCEbG8lP3Es7yEQdPZTyBJGH2g3K3tRcfGQeI2K8OtzvC4lEFLV tfqYb4F3jn7WB6EgO542V6FiiqnDDTCohicB8/1BR9auAdlc5EZKh7p+0/HPViCp/XeP mhZy8db3vy1TRhuHEzYxxa0ysr8teO8vHpm4qHE9QrWU0juDpSjm31PGUaoKzkhqZ7Ko ZpDw==
In-reply-to: <B671D30A-AF49-4C04-A0E5-AC0E0E68A053@xxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-dev/>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
References: <CAKDKvuzR3s-eSAS1csEvZDAc17S7WqkvGQ5udX=YCdk1wbhV1g@xxxxxxxxxxxxxx> <B671D30A-AF49-4C04-A0E5-AC0E0E68A053@xxxxxxxxx>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>

On Sun, Nov 29, 2015 at 7:06 PM, Tim Wilson-Brown - teor
<teor2345@xxxxxxxxx> wrote:
>
> On 30 Nov 2015, at 09:13, Nick Mathewson <nickm@xxxxxxxxxxxxxx> wrote:
> ...
> 2.2. New relay cell payload
> ...
>   When encrypting a cell for a hop that was created using one of these
>   circuits, clients and relays encrypt them using the AEZ algorithm
>   with the following parameters:
>
>       Let Chain denote chain_val_forward if this is a forward cell
>          or chain_forward_backward otherwise.
>
>
> chain_val_backward?

Yes, whoops.

> ...
>
> 3.3. Why _not_ AEZ?
>
>   ...
>
>   THIRD, it's really horrible to try to do it in hardware.
>
>
> This may be considered an advantage against an adversary with the resources
> to employ custom hardware to attempt to break AEZ-based encryption.

Ooh.  Interesting.

> ...
>
> ...
> 4.3. A forward-secure variant.
>
>
> How is this different to what you've specified in the main body of the
> proposal?
>
>
>   We might want the property that after every cell, we can forget
>   some secret that would enable us to decrypt that cell if we saw
>   it again.

Whoops; it's leftover text from an earlier version of the proposal.

-- 
Nick
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Follow-Ups:
- Re: [tor-dev] RFC: AEZ for relay cryptography, v2
  - From: Tim Wilson-Brown - teor

References:
- [tor-dev] RFC: AEZ for relay cryptography, v2
  - From: Nick Mathewson
- Re: [tor-dev] RFC: AEZ for relay cryptography, v2
  - From: Tim Wilson-Brown - teor

Prev by Author: [tor-dev] RFC: AEZ for relay cryptography, v2
Next by Author: Re: [tor-dev] [tor-commits] [tor-messenger-build/master] Bug 17492: Include default bridges configuration
Previous by thread: Re: [tor-dev] RFC: AEZ for relay cryptography, v2
Next by thread: Re: [tor-dev] RFC: AEZ for relay cryptography, v2
Index(es):
- Author
- Thread