OSI 1-3 attack on Tor? in it.wikipedia
Anon Mus
a_green_lantern at yahoo.com
Fri Feb 15 18:10:39 UTC 2008
Jan Reister wrote:
> Il 14/02/2008 13:36, Anon Mus ha scritto:
>> A. Attacker obtains genuine private keys by,
>> 1. Attacker sets up a number of genuine tor servers
>> 2. Attacker infects genuine tor nodes with spyware
>
> Setting up rogue (or compromised) nodes won't work for getting the
> directory authority private keys. That makes the rest of your
> assumption empty. As Roger pointed out:
>
https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ#KeyManagement
>
> Jan
>
>
Hello Jan,
Again your statements are wrong.
In the scenario we are discussing the tor clients traffic is diverted
into a faked tor network, on the whole.
The replying nodes, those which authenticate themselves with knowledge
of the ACTUAL node's private key. Obtained by methods A 1-3.
So the simulated nodes just look like the real thing, when they are
not.
Your statement that the attacker needs to control a directory authority
is a red herring!
Control of a directory authority is NOT required in this scenario. That
was made plain from the start!
Why did you inject this red herring into your argument?
[ Note this is not for debate:
And directory authority I suspect that given the private keys for
directory servers, the attacker could also simulate these.
Here's a quote from the wiki you link above.
"How do clients know what the directory servers are? The list comes
with
the Tor distribution. It hard-codes their locations and their public
keys. So the only way to trick the user into using a fake Tor network
is
to give them a specially modified version of the software."
So to trick the user (tor client) into thinking it was using a genuine
network all it would need is the private keys of the directory server
(as the public ones are already published) again these could be
obtained
by methods A 1-3. As these PRIVATE keys are available in an UNENCRYPTED
file on the directory servers themselves. The same is true on every tor
server in the entire tor network!]
-K-
____________________________________________________________________________________
Be a better friend, newshound, and
know-it-all with Yahoo! Mobile. Try it now. http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ
More information about the tor-talk
mailing list