[tor-talk] Rumors of Tor's compromise

Mansour Moufid mansourmoufid at gmail.com
Tue Oct 25 17:10:21 UTC 2011


On Tue, Oct 25, 2011 at 11:04 AM, Andrew Lewman <andrew at torproject.org> wrote:
> One-third of the machines on those IP addresses are vulnerable to
> operating system or other system level attacks, meaning he can break
> in. That's quite a few! We wonder if that's true with the real Tor
> network, or just their simulated one? Even ignoring the question of
> what these 3500 extra IP addresses are, it's important to remember that
> one-third by number is not at all the same as one-third by capacity:
> Tor clients load-balance over relays based on the relay capacity, so
> any useful statement should be about how much of the *capacity* of the
> Tor network is vulnerable. It would indeed be shocking if one-third of
> the Tor network by capacity is vulnerable to external attacks.

Also keep in mind that [1] claims 30% -- of the 50% of routers which
run Windows -- may be vulnerable. So, 15% of routers (assuming these
estimates are correct) in total, probably corresponding to a tiny
fraction of the network's net capacity, considering these nodes are
likely home users on DSL.

> From there, the attack gets vague. The only hint we have is this nonsense
> sentence from the article:
>
>  The remaining flow can then be decrypted via a fully method of attack
>  called "to clear unknown" based on statistical analysis.

A better translation is: "The remaining flows can then be completely
decrypted by an unknown-plaintext [ciphertext-only] attack, based on
statistical analysis."

I've never heard of such an attack against post-WWII ciphers. (Except
perhaps the 1974 version of crypt -- see [2] for an interesting read
-- but we're talking about AES here.)

[1] http://www.itespresso.fr/securite-it-la-confiance-dans-le-reseau-d-anonymisation-tor-est-ebranlee-47287.html/2
[2] http://cm.bell-labs.com/cm/cs/who/dmr/crypt.html

-- 
Mansour


More information about the tor-talk mailing list