[tor-dev] Browsers, VMs and Targeted Hardware Bit-Flips

Hi all, There have been a series of recent attacks that take advantage of "rowhammer" (a RAM hardware bit-flipping vulnerability) to flip bits in security-critical data structures. VMs sharing the same physical RAM are vulnerable, and browsers and mobile apps are remote vectors with

Re: [tor-dev] sketch: An alternative prop224 authentication mechanism based on curve25519

> On 18 Nov. 2016, at 09:20, David Goulet wrote: > > On 18 Nov (08:27:53), teor wrote: >> >>> On 18 Nov. 2016, at 03:52, David Goulet wrote: >>> I ended up using the x25519 scheme described above by Nick. I also ended up dodging the

Re: [tor-dev] sketch: An alternative prop224 authentication mechanism based on curve25519

On 18 Nov (08:27:53), teor wrote: > > > On 18 Nov. 2016, at 03:52, David Goulet wrote: > > > >> > >> I ended up using the x25519 scheme described above by Nick. > >> > >> I also ended up dodging the UX questions raised on this thread, by only > >> specifying the Tor

Re: [tor-dev] sketch: An alternative prop224 authentication mechanism based on curve25519

> On 18 Nov. 2016, at 03:52, David Goulet wrote: > >> >> I ended up using the x25519 scheme described above by Nick. >> >> I also ended up dodging the UX questions raised on this thread, by only >> specifying the Tor protocol level details, and leaving the out-of-band >>

Re: [tor-dev] sketch: An alternative prop224 authentication mechanism based on curve25519

On 15 Nov (16:29:33), George Kadianakis wrote: > Nick Mathewson writes: > > > [ text/plain ] > > Hi! I thought I'd write this up while it was fresh in my mind. It > > could be used as an alternative method to the current proposed client > > authentication mechanism. We