Delivery-Date: Mon, 11 Jan 2016 18:59:44 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_MED,T_DKIM_INVALID,T_RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id D3D4E1E0B30;
	Mon, 11 Jan 2016 18:59:42 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 2C6A4216AF;
	Mon, 11 Jan 2016 23:59:40 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id E309D20EFA
 for <tor-talk@lists.torproject.org>; Mon, 11 Jan 2016 23:59:36 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id JGdoXcR03P4A for <tor-talk@lists.torproject.org>;
 Mon, 11 Jan 2016 23:59:36 +0000 (UTC)
Received: from nm5-vm0.bullet.mail.bf1.yahoo.com
 (nm5-vm0.bullet.mail.bf1.yahoo.com [98.139.213.150])
 (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
 (Client did not present a certificate)
 by eugeni.torproject.org (Postfix) with ESMTPS id A2097204B4
 for <tor-talk@lists.torproject.org>; Mon, 11 Jan 2016 23:59:33 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rogers.com; s=s2048;
 t=1452556771; bh=KqrAMIXzucv4cMnmR4xbImdRS/Z0GGZ+wovTdQoYi1s=;
 h=Date:From:To:Subject:References:In-Reply-To:From:Subject;
 b=pSfAsYJdbPjR0i6ComCgh+blnyNVPP3zNM15VGERUyqY9kuahcgKF1q+eYii7nWZW0r69S0ZYw2iYR6o5mDhvIBnXGQYHYZdIYhIIVXL7nJLcS6k2KN+GN4Cv+0Gd9WRdKXxb13nBn82rrvk/OgT1cS8/ZzkrHD3U7Ais0XFfFc7uWk4HEIjdzOGNcjIKCMSDM35GFvyrzkntd8T7KKEINyBqAfX8alCTvWgbpRpJsgenUC3cC+2nBDIwXYE8zuG+34jawG10tBwNyzV8EllWo6Pt4zJ3wYCcYvPls9I4mQmQS58AzfanzvdJPQsYrnnIPLV9L4JuuvbGsEM4puGHA==
Received: from [98.139.170.178] by nm5.bullet.mail.bf1.yahoo.com with NNFMP;
 11 Jan 2016 23:59:31 -0000
Received: from [98.139.211.198] by tm21.bullet.mail.bf1.yahoo.com with NNFMP;
 11 Jan 2016 23:59:30 -0000
Received: from [127.0.0.1] by smtp207.mail.bf1.yahoo.com with NNFMP;
 11 Jan 2016 23:59:30 -0000
X-Yahoo-Newman-Id: 918298.16529.bm@smtp207.mail.bf1.yahoo.com
X-Yahoo-Newman-Property: ymail-3
X-YMail-OSG: 4w8HFgQVM1mCAf2Mjhw_7qmq1_R9ym4OqswGhMj41CIss3R
 .ShFFCAibP9SdZj6siDh.fM57mrPf5zdOrnST01y4Hvqf4RqhagSAG5kZ.ET
 Ulkktprsz04973b.VGE02yoZ.NSMCqs.6tvibxHL._x7WI31DTACq3Xk4TRZ
 nf.a2KzNz85EXVqcOfwuZsCBFmPu5vNOiy9g7iQ_Ej08RYqbIAdgmq7OmmCq
 EFFnPuKTNGguLsR_G.a0Tvaon6BWa3iu3oaC35d.P1FRRdItbPNpLhg7nP9D
 HNyQ4OML.v71fNn0XM4wsqXfJP3JnWSf.VySeNRGBcUru0TQEAodMmh3pmwO
 CWebfUofzzpHVlZCrv_qtdAVBOWd6swLKMV_DDs5nAmiWJgz94dawwkcqp4e
 r_NjPnN0PwglBn165OEainocFHZmFka71CL06kGesY8HKTNdqQKnLAo5U.Di
 ezyuW.C5DrprRb.lvlA799lxCmnUk2.HD.2zH3S9zcTwL3BjPuXTQ9CuwYCZ
 2Ho_1FaPk8VprSKkuR7_9WDQQXnp6XjDQUazwmy3qFKfDC.0-
X-Yahoo-SMTP: J7EkAP2swBDXvlfSgKGGesf6sqPMqL.bXPc2iBgSmIa4Mw--
Message-ID: <569441E2.1080800@rogers.com>
Date: Mon, 11 Jan 2016 18:59:30 -0500
From: Ethan White <ethanwhite@rogers.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
 rv:31.0) Gecko/20100101 Icedove/31.8.0
MIME-Version: 1.0
To: tor-talk@lists.torproject.org
References: <mailman.12.1452513602.713.tor-talk@lists.torproject.org>
In-Reply-To: <mailman.12.1452513602.713.tor-talk@lists.torproject.org>
X-Content-Filtered-By: Mailman/MimeDel 2.1.15
Subject: [tor-talk] A Tor-based Public-Key Infrastructure
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="windows-1252"; Format="flowed"
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

First off, this is my first post to tor-talk, so I'm not even really =

sure this is the right place, but...

Recently, I've been toying with an idea inspired by a posting on =

tor-talk by Mike Perry from September 2013 [1], in which alternatives =

were discussed to Web of Trust (WoT); specifically, the suggestion =

=93Every time GPG downloads a new key, re-download it several times via =

multiple Tor circuits to ensure you always get the same key.=94

I've developed it more, and I've come up with a comprehensive public-key =

infrastructure that associates e-mail addresses with arbitrary data =

(such as public keys). We assume Alice is using the e-mail address =

alice@alice.com, and Bob is using the e-mail address bob@bob.com. Alice =

wants to get Bob's public key securely. My goal with this is slightly =

different from most PKIs: I simply want either Alice or Bob to notice if =

anything fishy is going on. They can then simply publish broadly that =

something is off. (This would be a nice thing to eliminate; if anyone =

has any ideas, feel free to suggest them).

The obvious solution is to have Bob upload his public key to bob.com, =

and then Alice can simply use the three-tor-circuit method to download =

Bob's public key. However, this has the flaw of trusting bob.com; =

bob.com could simply serve up the wrong public key.

To solve this, Bob could periodically check that bob.com is serving up =

the right public key. The intervals would have to be random, since Eve =

could simply MITM everyone and serve up the wrong public key except when =

she knows Bob usually asks.

However, this still has a problem: let's say Bob is a high-value target =

like a journalist, and Eve is, for example, an intelligence agency. Eve =

could simply sit outside Bob's house, and, whenever she sees a packet =

into the Tor network, not MITM anyone for a few seconds. Thus, Bob's =

illusion that his public key is being served up authentically is =

maintained, but yet Eve can still MITM Alice (or anyone else). This =

doesn't even seem too far-fetched; this is what NSA's QUANTUM injection =

is, is it not?

To solve this, Bob would send some sort of traffic to the first relay =

every (average latency of the tor network) / 2 seconds, which would =

almost always be something meaningless (like a TLS warning message), =

except occasionally when it's actually a request to bob.com to grab the =

public key.

I have a few questions:
* Do I actually have to worry about QUANTUM-style attacks?
* Are there any vulnerabilities that I'm missing?
* Is this practical? Would it effecively DDOS the Tor network?
* Could I do this in any way that doesn't rely on DNS?


=3D=3DFootnotes=3D=3D

1. Available in the archives online @
https://lists.torproject.org/pipermail/tor-talk/2013-September/030235.html

On 11/01/16 07:00 AM, tor-talk-request@lists.torproject.org wrote:
> Send tor-talk mailing list submissions to
> 	tor-talk@lists.torproject.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> 	https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
> or, via email, send a message with subject or body 'help' to
> 	tor-talk-request@lists.torproject.org
>
> You can reach the person managing the list at
> 	tor-talk-owner@lists.torproject.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of tor-talk digest..."
>
>
> Today's Topics:
>
>     1. Re: Help me secure my setup (Aeris)
>     2. Re: What is "cookie protections"? (Joe Btfsplk)
>     3. Re: Funding Tor Development trough Referral/Affiliate
>        Marketing (Nick Mathewson)
>     4. Re: Help me secure my setup (Oskar Wendel)
>
>
> _______________________________________________
> tor-talk mailing list
> tor-talk@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

-- =

tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

