[tor-talk] Spoiled Onions

Guido Witmond guido at witmond.nl
Wed Jan 22 14:52:24 UTC 2014


On 01/22/14 03:53, krishna e bera wrote:
> On 14-01-21 07:32 PM, ramo at goodvikings.com wrote:
>> http://arstechnica.com/security/2014/01/scientists-detect-spoiled-onions-trying-to-sabotage-tor-privacy-network/
> 
> thanks, added it to
> https://trac.torproject.org/projects/tor/wiki/doc/badRelays
> 
> 
> 


End-to-End encryption where both the server and the client certificate
are signed with the same CA (that of the site) protects against this
attack. Each site runs its own certificate signer for their own
visitors. Clients are known only by a unique (or autogenerated)
nickname. Not by their real identities.


When a client connects to a site, it validates the server certificate
and uses only client certificates signed by the same Certificate Signer
to authenticate. If there is a MitM, it cannot create a valid server
certificate that matches that of the site.

Without DNSSEC, this is a TOFU (Trust on first use) validation. There is
a chance that a user gets a rogue end point at the first connection.

With DNSSEC, the site owner publishes their own Certificate Signer Root
Certificate.


I call it Eccentric Authentication. It is not meant for activists and
criminals but for the normal internet user.

I believe that before we can protect activists, we need to protect
ourselves first. (It's the first rule of First Aid: protect yourself or
you are the next victim).

See:
http://eccentric-authentication.org/eccentric-authentication/censorship_resistance.html

Regards, Guido Witmond.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 897 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20140122/fc82e858/attachment.sig>


More information about the tor-talk mailing list