On Wed, Nov 2, 2011 at 12:45 PM, Robert Ransom <[email protected]> wrote: > On 2011-11-02, Watson Ladd <[email protected]> wrote: >> Dear All, >> Rather then get further sucked into a debate that is producing more >> heat then light about Wegman-Carter, I've decided to make a concrete >> proposal for how Tor can better protect its streams from manipulation. > > Your proposal is so detailed and concrete that I'm not even going to > try to figure out what it means.
I'm going to suggest that we ought to isolate protocol discussions from primitives discussions here. The discussion of how to put together a good relay packet format using a stream cipher and a MAC (or a stream cipher with an authenticating mode of operation) ought to be separable from the discussion of which stream cipher/MAC/authenticating mode we use. (If it isn't separable -- if the format relies on particular properties of a given primitive -- that strikes me as a point against the format.) [...] >> Right now Tor encrypts the streams of data from a client to a OR with >> AES-CTR and no integrity checks. > > Bullshit. We have a 32-bit-per-cell integrity check at the ends of a circuit. Let's keep this polite, please. "Not so" is a perfectly fine alternative to "bullshit," and is likelier to keep future conversations productive. cheers, -- Nick _______________________________________________ tor-dev mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
