Crypto

September 20, 2007

Schneier on the Tor "Hack"

"Hack" here having the meaning "not actually a hack", but anyway. Here's a good article from Bruce.

Tor is an onion routing network. Onion routing prevents an observer from knowing the two endpoints of a communication by "routing" messages through multiple encrypted layers, where the onion router at each layer knows only where the message came from and where it's going next (i.e. not the original sender or final destination).

However, if the actual content you send through the onion routing network identifies the communicating parties, in the clear, then the exit node (the last router in the "route", which must decrypt the last layer of encryption and send the message to its non-onion-routing destination) can read it. Onion routing doesn't protect the content; it provides protection from traffic analysis.

Which is all for naught if you didn't encrypt the traffic in the first place. Let's say you live in Outer Phuongolia where it is illegal to own Seinfeld DVDs. In order to prevent the rampant proliferation of Jerry Seinfeld, Outer Phuongolia has also made it illegal to shop at Amazon.com. You really want the latest season, but how? Onion routing, of course! (that was your first thought, right?)

You use Tor to place your order, and thus the goons at OPHQ can't tell you plan to further corrupt society with another season of Seinfeld. Or so you think... turns out the Phuongolian administration isn't as dumb as it looks, and they're running a bunch of Tor nodes! Lo and behold, the exit node for your purchase happens to be one of theirs, and you didn't use SSL to place your Amazon order. The HTTP traffic from the exit node to Amazon identifies you, your order, everything. The goons are coming.

You gotta encrypt the traffic! If you had used SSL, the OPHQ goons wouldn't have been able to read a thing, and since they couldn't know where the traffic originated, they couldn't have done anything. Your dastardly plan would have succeeded. Seinfeld would have lived on in Outer Phuongolia.
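To make the layering concrete, here is an added sketch (not code from the original post or from Tor) of a three-hop circuit, showing what each relay learns and what the exit forwards with and without end-to-end encryption. The toy SHA-256 stream cipher, the relay names, `shop.example`, the sample order and `SITE_KEY` (standing in for an SSL session) are all assumptions made for illustration.

```python
import hashlib, json, os

def stream_xor(key, data):
    # Toy stream cipher (SHA-256 keystream), a stand-in for real encryption.
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[i:i + 32], pad))
    return bytes(out)

def wrap(payload, destination, route):
    # Client: encrypt for the exit first, then add one layer per earlier relay.
    next_hop, cell = destination, payload
    for name, key in reversed(route):
        layer = json.dumps({"next": next_hop, "data": cell.hex()}).encode()
        cell, next_hop = stream_xor(key, layer), name
    return cell

def peel(key, cell):
    # Relay: remove one layer; learns only the next hop and an inner blob.
    layer = json.loads(stream_xor(key, cell))
    return layer["next"], bytes.fromhex(layer["data"])

def run_circuit(payload, destination="shop.example:80"):
    # Returns what each relay learned and the bytes the exit forwards.
    route = [(n, os.urandom(32)) for n in ("guard", "middle", "exit")]
    cell, learned = wrap(payload, destination, route), []
    for name, key in route:
        next_hop, cell = peel(key, cell)
        learned.append((name, next_hop))
    return learned, cell

# Constructed sample order, sent as plain HTTP.
ORDER = (b"POST /order HTTP/1.1\r\nHost: shop.example\r\n\r\n"
         b"name=J.+Doe&ship_to=Outer+Phuongolia&item=Seinfeld+DVD")
SITE_KEY = os.urandom(32)  # stand-in for an SSL session between client and shop

def demo():
    hops, plain_at_exit = run_circuit(ORDER)
    _, sealed_at_exit = run_circuit(stream_xor(SITE_KEY, ORDER))
    return hops, plain_at_exit, sealed_at_exit

if __name__ == "__main__":
    hops, plain, sealed = demo()
    print(hops)
    print("exit sees (no SSL):", plain[:40])
    print("exit sees (SSL):   ", sealed[:40].hex())
```

Only the exit relay learns the destination, and in the first run it also holds the full order in the clear; in the second run it forwards bytes that only the holder of `SITE_KEY` can read.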




May 11, 2006

Gizmo + Zfone

In light of all the "security" being implemented by the current administration, we ought to all grab Gizmo and Zfone and use them whenever possible. Gizmo is an IM-like VoIP (i.e. real VoIP using SIP, RTP, etc.) client and Zfone is Phil Zimmermann's (think PGP) contribution to VoIP security. It embeds strong crypto in the RTP stream directly, bypassing any filters or blocking at higher layers.

Gizmo: http://www.gizmoproject.com/

Zfone: http://www.philzimmermann.com/EN/zfone/index.html

June 10, 2005

MD5 Now Really Broken

So this isn't news (at all) to cryptographers, but I thought it was worth mentioning: MD5 is now really, really broken. I have two letters I printed sitting on my desk. Both of them are addressed to Julius Caesar, same date, etc. One of them says:

"Alice Falbala fulfilled all the requirements of the Roman Empire intern position. She was excellent at translating roman into her gaul native language, learned very rapidly, ...

[...more such text...]

Sincerely,

Julius Caesar"


Basically, a letter of recommendation to hire someone. The second letter says:

"Order: Alice Falbala is given full access to all confidential and secret information about GAUL.

Sincerely,

Julius Caesar"


OK, so why is this interesting? I printed the two letters from PostScript files. The two PostScript files are identical in size and, more to the point, they have the same MD5 hash. That's an amazing thing... MD5 is a one-way cryptographic hash function... its sole purpose is to generate a 128-bit "summary" of a message of any size, such that it is extremely unlikely that two messages could generate the same 128 bits (and also such that any minute change in the message results in a completely different hash). Its security rests on 1) it being very, very "hard" to find two such messages, and 2) it being very, very hard to deduce anything about the original message from the hash result.

Assumption #1 is now clearly broken in practical ways. Had Caesar digitally signed the first document, he would also have unwittingly digitally signed the second!

Here's the site where they describe this demonstration: http://www.cits.rub.de/MD5Collisions/
