Delivery-Date: Fri, 01 Aug 2014 17:37:20 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,T_DKIM_INVALID autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 212231E08C0;
	Fri,  1 Aug 2014 17:37:19 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id CAC9C30C1F;
	Fri,  1 Aug 2014 21:37:15 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 01C7B30C13
 for <tor-talk@lists.torproject.org>; Fri,  1 Aug 2014 21:37:13 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at eugeni.torproject.org
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id m8N7GUDNfsA9 for <tor-talk@lists.torproject.org>;
 Fri,  1 Aug 2014 21:37:12 +0000 (UTC)
Received: from mail.bitmessage.ch (mail.bitmessage.ch [146.228.112.252])
 by eugeni.torproject.org (Postfix) with SMTP id 8F86230A44
 for <tor-talk@lists.torproject.org>; Fri,  1 Aug 2014 21:37:12 +0000 (UTC)
dkim-signature: v=1; a=rsa-sha256; d=bitmessage.ch; s=mail;
 c=relaxed/relaxed; q=dns/txt;
 h=From:Subject:Date:Message-ID:To:MIME-Version:Content-Type:Content-Transfer-Encoding;
 bh=IkqZgnXyZbsgJB8mhabHDSJi//9/20wb8J2/UHq/yTA=;
 b=YfHngDV2FtCwXdPhrl3eGgYk8Gx+dXab7161JN4jG5kdBE3x2jDbZpYOrpGAMIirjW1QP0GIWCp3X0bIhq+2cBtOWu3fh5gD+UVQ43hDB8p2jDN8XUyp2vkenyClRzhUZqs6reF056tSxv3B9OCRSdaWM0H39piQpxr2039rDfc=
Received: from 127.0.0.1 (BITMESSAGE [127.0.0.1]) by mail.bitmessage.ch
 ; Fri, 1 Aug 2014 23:36:47 +0200
Message-ID: <53DC087E.5070104@bitmessage.ch>
Date: Fri, 01 Aug 2014 21:37:02 +0000
From: Nusenu <BM-2D8wMEVgGVY76je1WXNPfo8SrpZt5yGHES@bitmessage.ch>
MIME-Version: 1.0
To: tor-talk@lists.torproject.org
Subject: [tor-talk] 'relay early' attack logging at the infrastructure level?
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

quoting from [1]

> On July 30th, 2014 Anonymous said: Suppose my relay is running 
> 0.2.4.23, and suppose it's the middle hop between adversary's guard
>  node and adversary's hidden service directory. Will it kill
> circuits sending relay_early cells backwards? Or is that
> impossible, since it doesn't have the keys to decrypt that stream?
> 
> 
> On July 30th, 2014 arma said: It will indeed kill circuits if it 
> sees an inbound (towards the client) relay_early cell.
> 
> It doesn't have to decrypt the stream to see it, because whether a
>  cell is relay or relay_early is a property of the (per hop) link, 
> not a property of the (end-to-end) stream.

Does a patched relay also create a log entry as soon as it "kills" the
circuit or is logging only happening on tor instances acting as clients?



[1]
https://blog.torproject.org/blog/tor-security-advisory-relay-early-traffic-confirmation-attack#comment-66769
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJT3Ah+AAoJEDcK3SCCSvoeCG0QAIOSP+nM5C3hWie9i6FCtMuh
KDSXiLIfKPXCYQBaApmRuxBeoDeKI64s34x78nfpsx6t4UsqGsjIs7LcHWmJmQyR
dwAf+Vy1OAOp5tlu8bH0iXM7HBN+gVpBJjhglODAQYaPPIThMo1agNsz73Xzo8YT
Y5BTOgNmkFXsQksrDrUH7Uftd3BSxcIGyX1frW7KANy+rgrTLY/8sSWR3OqhiKoB
nOQX6lXxay3D04WT+d3AJe1UPGdGlMOe3rMAnbYuKldC9k7YtdLT+lwxTDhP46VP
2weCEJU792Y7WFxC92ShjdfNbZuymXaG38Gt2wUOoP2gUAZmOQdQJOG9NCa7RixO
sL67lDYPZDwi3wWYFYmHjuMiKD/lPtnrbYeeeurB4bUgpkFMJc1HE6+tGaQopxcW
27PRY6sJ54Jb2UM51qYKBlEkhRbWcxmm9YCjlnv9fv7LChBfmsVvW21oTPy71PUP
GOnjDDtaGx4Z13ID/eQrt5490m4lOV3mMbKcJ+A1ZPblPEZM797UpWxZdxVfBv9y
Teh8J9txKxZj6wnRGOxanLd103RIjhqN0m9Onc/ngD0BPKez+JXWlssSpQKDvH8L
ce0Yyyl+WKW9Ua8xRLvQM0NnuiY/Artc6kMIMu4Wc6fEgcgFa6PTihy7SwEg3Ekh
UP30c8uS6W+HOrfqp93I
=M7TC
-----END PGP SIGNATURE-----

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

