[tor-dev] Some initial analysis on the new "Triple Handshake Attack" and Tor

Sebastian G. <bastik.tor> bastik.tor at googlemail.com
Wed Mar 5 18:36:57 UTC 2014


04.03.2014 03:45, Nick Mathewson:
> 5. We should revisit proposals to have Tor server <-> server
> communication use the v1 link protocol again.  (That's the one where
> both sides present a certificate chain in their TLS handshake.  We
> moved away from it because of protocol fingerprinting issues, before
> we'd hit upon pluggable transports as a better means for protocol
> obfuscation.) Due to our messed-up use of ciphersuites for
> signalling, we will have some tricky times designing this compatibly
> with existing Tors. But it might be our best long-term option if we
> can make it work. (IIRC Robert Ransom was advocating this.)

Hello Nick,

thank you for the education. :)

Since this is somewhat "important" for the list it is sent to it.

You say both presented a "certificate chain". For me this is what
SSL/TLS provides with

CA certificate -> Sub CA certificate -> website certificate.

Did Tor had a similar implementation where there was an actual chain of
certificates?

I am (and was) aware of not enabling some ciphers/cipher-suits in the
server-hello to look not too different, as well as disabling some in the
client-hello to look like Firefox connecting to Apache.

Best Regards,
Sebastian G. (bastik)


More information about the tor-dev mailing list