[tor-dev] obfsproxy buffering

David Stainton dstainton415 at gmail.com
Mon Nov 18 15:47:55 UTC 2013

> Super-simple framing protocols often fall victim to attacks in which the
> adversary messes with the length in the frame header.  See, for example,
> "Plaintext Recovery Attacks Against SSH":
> http://www.isg.rhul.ac.uk/~kp/SandPfinal.pdf
> So be careful here.
>    - Ian

Over Tor it won't be a problem because Tor is authenticated.
Thanks for the paper... I do really love to read papers like this.

More information about the tor-dev mailing list