6 Matching Annotations
  1. Jun 2020
    1. Since onion services can receive incoming connections even if they are behind a router doing network address translation (NAT), TorChat does not need any port forwarding to work.
  2. Mar 2020
    1. The client is relying on the server's unauthenticated DH public key Y to somehow authenticate the server's knowledge of X. Obviously, this is making an assumption about a DH that could be bad, thus is an unsafe protocol. This is Tor's (older) TAP circuit handshake (using regular DH, not ECDH). The original deployment was easily attacked by a fake server sending a public key Y = 0, 1, or -1, thus allowing the fake server to calculate Y^x without seeing X [TAP].
  3. Jan 2016