[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #3207 [Tor Relay]: limit more keys to the exponent we specify



#3207: limit more keys to the exponent we specify
-------------------------+--------------------------------------------------
 Reporter:  arma         |          Owner:                  
     Type:  enhancement  |         Status:  new             
 Priority:  normal       |      Milestone:  Tor: unspecified
Component:  Tor Relay    |        Version:                  
 Keywords:               |         Parent:                  
   Points:               |   Actualpoints:                  
-------------------------+--------------------------------------------------

Comment(by asn):

 Replying to [comment:1 arma]:
 > Are we ever going to want keys with different exponents, in the distant
 future? Or is it always a bad idea for sure?
 >
 > My crypto crystal ball is not good enough, but some external advice
 might be good here.

 Cryptographically, I don't see any problems with this. OAEP solved same
 small exponents attacks years ago, and 65537 is not a small exponent
 either.
 Wikipedia also says:
 "The NIST Special Publication on Computer Security (SP 800-78 Rev 1 of
 August 2007) does not allow public exponents e smaller than 65537, but
 does not state a reason for this restriction."

 rransom said on IRC that he didn't also restrict the identity key exponent
 because it's public in the TLS handshake and might be fingerprintable,
 which is a valid thought, but generally *most* RSA exponents are 65537
 nowadays.

 rransom also said that he had a patch for onion keys in microdescriptors
 that didn't get merged. He said he pushed it to his public repo but I
 didn't manage to find it.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3207#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs