[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] The New Threat: Targeted Internet Traffic Misdirection
BM-2D9WhbG2VeKsLCsGBTPLGwDLQyPizSqS85@xxxxxxxxxxxxx writes:
> Since I thought it might be interesting to consider the potential
> implications of BGP-related attacks described above if applied to guard or
> exit relays, I wanted to share the following article:
> http://www.renesys.com/2013/11/mitm-internet-hijacking/
>
> That post also refers to an earlier, related post:
> http://www.renesys.com/2010/11/chinas-18-minute-mystery/
>
> Any thoughts/reactions from a Tor standpoint?
You can't use BGP redirection to impersonate a node because the
individual nodes have unique cryptographic keys that are listed in
the Tor directory consensus. (We need all other Internet services
to move to having unique cryptographic keys, too, so that people
who can control and redirect networks can't impersonate them!)
You could use BGP redirection to become able to spy on traffic
headed to a guard node or coming out of an exit node that would
otherwise not have passed through networks that you control.
The most relevant consequence of that would probably be increasing
the probability that the attacker can successfully do a traffic
correlation or confirmation attack.
--
Seth Schoen <schoen@xxxxxxx>
Senior Staff Technologist https://www.eff.org/
Electronic Frontier Foundation https://www.eff.org/join
815 Eddy Street, San Francisco, CA 94109 +1 415 436 9333 x107
--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk