Backward decryption of Tor traffic after Debian OpenSSL bug disclosure
unknown_x at Safe-mail.net
Fri May 16 17:39:29 UTC 2008
Suppose some passive adversary has records of traffic between a user's Debian
GNU/Linux Tor client and servers of the Tor network (a lot of them Debian too).
The records are dated 2006 to May 2008.
Now the Debian OpenSSL PRNG bug is disclosed. All ~250000 "pseudorandom" values are known.
Is it possible for the adversary to use this data to partially decrypt, after the fact,
the recorded and stored user traffic?
- From the predicted states of the broken PRNG he can compute Diffie-Hellman params,
reconstruct ephemeral keys and extract the session AES keys between nodes in the circuit
if two of the circuit's nodes have broken PRNGs.
Is it real? Or is the OpenSSL PRNG used in Tor for generating auth keys only and not
for session key material in the case of Tor?
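The mechanism the post asks about, as an added toy model that is not part of the original message and says nothing about how Tor itself seeded its DH exponents: a peer whose ephemeral exponent comes from a PRNG with only 15 bits of seed entropy (an assumed stand-in for the Debian bug's PID-only seeding) leaks its Diffie-Hellman shared secret to anyone who merely recorded the public values, while a properly seeded peer does not. The group, the `weak_exponent` derivation and the seed width are constructed for the example.

```python
import hashlib
import secrets

# Toy DH group: 2^61 - 1 is prime; far too small for real use, fast enough here.
P = (1 << 61) - 1
G = 3
SEED_BITS = 15  # assumed: one 15-bit seed per ephemeral key, like a PID-only seed


def weak_exponent(seed: int) -> int:
    """Private exponent as a low-entropy PRNG would produce it (constructed model)."""
    digest = hashlib.sha256(b"toy-prng" + seed.to_bytes(2, "big")).digest()
    return int.from_bytes(digest, "big") % (P - 2) + 1


def recover_exponent(pub_a: int, seed_bits: int = SEED_BITS):
    """Passive recovery: enumerate every seed and compare against the recorded g^a.
    Returns the private exponent, or None if no seed reproduces the public value."""
    for seed in range(1 << seed_bits):
        a = weak_exponent(seed)
        if pow(G, a, P) == pub_a:
            return a
    return None


def simulate_passive_recovery(weak_seed: int):
    """One recorded handshake: weak client (seeded PRNG) vs well-seeded server.
    Returns True if the recorder rebuilds the same shared secret the peers used,
    False if it rebuilds a wrong one, None if no seed matched at all."""
    a = weak_exponent(weak_seed)              # client exponent from the weak PRNG
    b = secrets.randbelow(P - 2) + 1          # server exponent, properly random
    pub_a, pub_b = pow(G, a, P), pow(G, b, P)  # the only values on the wire
    real_secret = pow(pub_a, b, P)            # what the peers derived keys from

    a_recovered = recover_exponent(pub_a)     # attacker's offline seed search
    if a_recovered is None:
        return None
    return pow(pub_b, a_recovered, P) == real_secret


def strong_peer_resists() -> bool:
    """Control case: a full-entropy exponent is not found by the seed search."""
    a = secrets.randbelow(P - 2) + 1
    return recover_exponent(pow(G, a, P)) is None


if __name__ == "__main__":
    print("weak peer recovered:", simulate_passive_recovery(12345))  # True
    print("strong peer resists:", strong_peer_resists())              # True
```

The search loops over 2^15 candidates and finishes in well under a second; the defender's lesson is that forward secrecy of ephemeral DH is only as good as the entropy feeding the exponent, and a recording made years earlier becomes readable the moment that entropy is shown to be small.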