OR partial todo file

Roger Dingledine arma at mit.edu
Sat Jun 29 01:35:05 UTC 2002

On Sat, Jun 29, 2002 at 12:11:40AM +0100, Andrei Serjantov wrote:
> > the minion-design document at http://mixminion.net/, because it brings
> > up a lot of issues that the current onion routing designs don't even
> > realize are problems. Specifically, consider sections 3.1, 4.4, and 5.
> The above URL does not point to anythign sensible for me. I vaguely

Whoops. Fixed now. http://mixminion.net/

> With regards to tagging attacks, OR is resistant to tagging by the active
> network attacker, but is vulnerable to compromised mixes tagging. I think.
> Maybe this is wrong -- what do people think.


> Ok, slightly confused. The previous code which was in the cvs before you
> sent the tar round had a line like this in the Makefile in common/
> log.o: /usr/include/_G_config.h /usr/include/wchar.h

Pay no attention to the code outside or/ :) We'll slowly move away from
things like that. Though this switch to autoconf is going to throw us
for a loop for a while, it seems. Hopefully we'll get that straightened
out soon.

> > Without oaep, things encrypted with RSA can be modified but still
> > accepted. I need to look at the protocols we use more to decide if this
> > opens up any vulnerabilities. I noticed that we don't have integrity
> > hashes in very many places; this can open us up to tagging attacks,
> > among others.
> Yes... I noticed this as well. (The hashes issue). What is OAEP, though?
> Tagging attacks by compromised OR's need to be thought about.

Basically, we solve tagging attacks by putting more hashes into the onion.
Since the author of the onion knows the entire content of the onion, it's
a much simpler problem than in the Mixminion case.


More information about the tor-dev mailing list