[tor-talk] Rumors of Tor's compromise
Mansour Moufid
mansourmoufid at gmail.com
Tue Oct 25 17:10:21 UTC 2011
On Tue, Oct 25, 2011 at 11:04 AM, Andrew Lewman <andrew at torproject.org> wrote:
> One-third of the machines on those IP addresses are vulnerable to
> operating system or other system level attacks, meaning he can break
> in. That's quite a few! We wonder if that's true with the real Tor
> network, or just their simulated one? Even ignoring the question of
> what these 3500 extra IP addresses are, it's important to remember that
> one-third by number is not at all the same as one-third by capacity:
> Tor clients load-balance over relays based on the relay capacity, so
> any useful statement should be about how much of the *capacity* of the
> Tor network is vulnerable. It would indeed be shocking if one-third of
> the Tor network by capacity is vulnerable to external attacks.
Also keep in mind that [1] claims 30% -- of the 50% of routers which
run Windows -- may be vulnerable. So, 15% of routers (assuming these
estimates are correct) in total, probably corresponding to a tiny
fraction of the network's net capacity, considering these nodes are
likely home users on DSL.
> From there, the attack gets vague. The only hint we have is this nonsense
> sentence from the article:
>
> The remaining flow can then be decrypted via a fully method of attack
> called "to clear unknown" based on statistical analysis.
A better translation is: "The remaining flows can then be completely
decrypted by an unknown-plaintext [ciphertext-only] attack, based on
statistical analysis."
I've never heard of such an attack against post-WWII ciphers. (Except
perhaps the 1974 version of crypt -- see [2] for an interesting read
-- but we're talking about AES here.)
[1] http://www.itespresso.fr/securite-it-la-confiance-dans-le-reseau-d-anonymisation-tor-est-ebranlee-47287.html/2
[2] http://cm.bell-labs.com/cm/cs/who/dmr/crypt.html
--
Mansour
More information about the tor-talk
mailing list