On Wed, Nov 2, 2011 at 11:45 AM, Robert Ransom <rransom.8774@gmail.com> wrote:
On 2011-11-02, Watson Ladd <watsonbladd@gmail.com> wrote:
Dear All, [...omitted..]
Right now Tor encrypts the streams of data from a client to a OR with AES-CTR and no integrity checks.
Bullshit. We have a 32-bit-per-cell integrity check at the ends of a circuit. So let's say that I am a malicious 1st hop and a malicious 3rd hop, and I want to find out. If I have known plaintext I can modify it, say the packet type headers. Then the third router will see nonsense and know that it this circuit is compromised. The second router can detect this with my proposal, it cannot right now. Ends of circuit alone are not enough.
Robert Ransom _______________________________________________ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Sincerely, Watson Ladd -- "Those who would give up Essential Liberty to purchase a little Temporary Safety deserve neither Liberty nor Safety." -- Benjamin Franklin