OSI 1-3 attack on Tor? in it.wikipedia
Andrew
tor at kleinhirn.org
Thu Feb 14 15:24:04 UTC 2008
Jan Reister schrieb:
> Il 14/02/2008 13:36, Anon Mus ha scritto:
>> A. Attacker obtains genuine private keys by,
>> 1. Attacker sets up a number of genuine tor servers
>> 2. Attacker infects genuine tor nodes with spyware
>
> Setting up rogue (or compromised) nodes won't work for getting the
> directory authority private keys. That makes the rest of your
> assumption empty. As Roger pointed out:
> https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ#KeyManagement
>
Plus, it is well known that tor has only limited usefulness against an
attacker of the size you just invented.
Such an attacker would have much easier ways to break tor's security.
Those were noted and discussed, but frankly, it's just like a safe: you
can reinforce it all you want, but in the end, if someone with an
(almost) unlimited budget wants to break it, it can be done.
The point of the reinforcement (-> tor) is to make breaking it *harder*,
not impossible.
Andrew
More information about the tor-talk
mailing list