Delivery-Date: Tue, 19 Apr 2016 06:15:04 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.1 required=5.0 tests=BAYES_00,DKIM_ADSP_CUSTOM_MED,
	DKIM_SIGNED,FREEMAIL_FROM,RCVD_IN_DNSWL_MED,T_DKIM_INVALID,T_RP_MATCHES_RCVD
	autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 9190D1E051C;
	Tue, 19 Apr 2016 06:15:02 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 990B03B15B;
	Tue, 19 Apr 2016 10:14:57 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 8DC273A9A4
 for <tor-talk@lists.torproject.org>; Tue, 19 Apr 2016 10:14:53 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id y-_qN-3XzP_W for <tor-talk@lists.torproject.org>;
 Tue, 19 Apr 2016 10:14:53 +0000 (UTC)
Received: from mail-wm0-x22a.google.com (mail-wm0-x22a.google.com
 [IPv6:2a00:1450:400c:c09::22a])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id 4D9CA3A900
 for <tor-talk@lists.torproject.org>; Tue, 19 Apr 2016 10:14:53 +0000 (UTC)
Received: by mail-wm0-x22a.google.com with SMTP id u206so20979507wme.1
 for <tor-talk@lists.torproject.org>; Tue, 19 Apr 2016 03:14:53 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:date:message-id:subject:from:to;
 bh=CCMMfYGR/gSNyHQebVefVH/CQEzv+gbzN+eqLtv7kKY=;
 b=gRnyB3SuX1ZBTF4vmTr0qCZRVWXSaASM+eDZiefZFI3qXSHIBoz+09bPhagxxjB+Qh
 F3ae3lh3hBr4+pJ600I6zCDk0HtBLAo82qg9gO7evjepPG4dohhwlJ3Utxa1ukiIWLrc
 EpVYk4SxrLl+G2bUIx4sPQ0bQOxp0dgh3v3mpK6UpxoJrtC5Xc01CIcTMQwg1+G9aFAg
 WfhO/YQRnS2VHM9BQP/xWyfnLSoqaxAqoDIgVBLHq4iq6EWkqhCtL9ND/IDEFj2XGtGb
 BWn28rVI7E0G6KRoxQkwz2UYwaGhDdm0W2pTu6UDi0f0qRNuQQdREoXIC2DduqKZhMMy
 n8bA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:mime-version:date:message-id:subject:from:to;
 bh=CCMMfYGR/gSNyHQebVefVH/CQEzv+gbzN+eqLtv7kKY=;
 b=OMIPml5AudFtyY0bCnEG6lx1WIljfllWAecyxynCw7n5C7H7hLq8j1ZjvXyjkvHIiD
 yV5yeHrrGY85R2mfkNIwsAgvwDyYFLCJbfPSLqh+D5saoycrC3C5a2F9h2sxPjljTINX
 nQN8Ws2HUfak4MwiakVWkbhm37U73upznZygATpaMC8oaqAlJVXaNNwsBcng9WrPZ5Iu
 i6okXrZYxVW2Vu90hhUHmCcj1fGVYfhK041ocObUzplyt/kZSZ/NyeadaIiGQ6E8jdYy
 gHZW3GMY+ZaLCimICUktnLqU5Blq/n91cmbld8BqIdi63eqkb1EG0g0/pSePtaCWgCUb
 GwVQ==
X-Gm-Message-State: AOPr4FX3FbKC3NgbTAIgXqEslDA/vRGl+m7QcLaRDq2EgJn6t5FVasB85tmfSRUdWyXZV/lX6EHSEEnl0Si7Nw==
MIME-Version: 1.0
X-Received: by 10.195.18.99 with SMTP id gl3mr2249780wjd.162.1461060889937;
 Tue, 19 Apr 2016 03:14:49 -0700 (PDT)
Received: by 10.28.167.200 with HTTP; Tue, 19 Apr 2016 03:14:49 -0700 (PDT)
Date: Tue, 19 Apr 2016 12:14:49 +0200
Message-ID: <CAKHd51M6ySBHkb6WiS8GW8Y+R2G+APCvbpNgk1VF3=Y2-+C8WQ@mail.gmail.com>
From: Ondrej Mikle <ondrej.mikle@gmail.com>
To: tor-talk <tor-talk@lists.torproject.org>
X-Content-Filtered-By: Mailman/MimeDel 2.1.15
Subject: [tor-talk] Relay early attack flow
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

Hi,

I've recently had a look at the old relay early confirmation attack [1],
but can't remember what the exact flow of the attack is - i.e. which nodes
the attacker needs to control to deanonymize a) client b) hidden service
location.

For client, is client's guard and HSDir node enough? I.e. HSDir encodes the
service name in relay/relay early cells and guard picks up the pattern?
Similarly, for hidden service is control of the service's guard and HSDir
node enough?

Ondrej

[1]
https://blog.torproject.org/blog/tor-security-advisory-relay-early-traffic-confirmation-attack
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

