On Wed, Nov 2, 2011 at 11:45 AM, Robert Ransom <[email protected]> wrote: > On 2011-11-02, Watson Ladd <[email protected]> wrote: >> Dear All, >[...omitted..] > >> Right now Tor encrypts the streams of data from a client to a OR with >> AES-CTR and no integrity checks. > > Bullshit. We have a 32-bit-per-cell integrity check at the ends of a circuit. So let's say that I am a malicious 1st hop and a malicious 3rd hop, and I want to find out. If I have known plaintext I can modify it, say the packet type headers. Then the third router will see nonsense and know that it this circuit is compromised. The second router can detect this with my proposal, it cannot right now. Ends of circuit alone are not enough. > > > Robert Ransom > _______________________________________________ > tor-dev mailing list > [email protected] > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev > Sincerely, Watson Ladd
-- "Those who would give up Essential Liberty to purchase a little Temporary Safety deserve neither Liberty nor Safety." -- Benjamin Franklin _______________________________________________ tor-dev mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
