[tor-talk] Tor browser can be fingerprinted

Roger Dingledine arma at mit.edu
Wed Sep 11 23:43:59 UTC 2013


On Wed, Sep 11, 2013 at 12:50:41PM -0400, Marthin Miller wrote:
> 1024bit RSA keys which can be cracked in a few hours

I believe this to be false currently.

(But that doesn't mean we shouldn't fix it, because it will become true
some time in the next few decades, and we don't know when that will be.
(Good thing we're fixing it.))

> Also if you let users choose how much security they want that's better
>(for example choose high padding and time delay on relays if security
>have more priority than speed)

Unfortunately, this one is more complex than you imply as well. Take a
look at "Anonymity Loves Company: Usability and the Network Effect"
for much more discussion here:
http://freehaven.net/anonbib/#usability:weis2006

--Roger



More information about the tor-talk mailing list