[tor-bugs] #8089 [Stegotorus]: Implement the handshake and key exchange as described in the paper
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Mar 27 17:24:31 UTC 2014
#8089: Implement the handshake and key exchange as described in the paper
----------------------------+-------------------
Reporter: vmon | Owner: zwol
Type: defect | Status: new
Priority: critical | Milestone:
Component: Stegotorus | Version:
Resolution: | Keywords:
Actual Points: | Parent ID: #8099
Points: |
----------------------------+-------------------
Comment (by zwol):
Yes, definitely use Elligator instead of the mess I made up. You may also
want to replace AES-GCM with something that's more likely to run in
constant time. AES-OCB might be usable now, depending where the funding
is coming from (OCB is patented; there's a blanket license for open source
use, but there's also a clause specifically forbidding use for military
purposes, which could be read to extend to anything funded by military
tentacles of the government). ChaCha/Poly1305 might also be a good
choice. In general, I have come around to the opinion that I should have
trusted DJB instead of NIST when I designed this thing.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8089#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list