[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #8106 [Tor]: Make .onion addresses harder to harvest by directory servers



#8106: Make .onion addresses harder to harvest by directory servers
------------------------+--------------------------------
     Reporter:  asn     |      Owner:
         Type:  defect  |     Status:  new
     Priority:  major   |  Milestone:  Tor: 0.2.5.x-final
    Component:  Tor     |    Version:
   Resolution:          |   Keywords:  SponsorZ tor-hs
Actual Points:          |  Parent ID:
       Points:          |
------------------------+--------------------------------

Comment (by asn):

 Some notes from the CCS meeting:

 The scheme requires two proofs.

 The first one proves that the signatures of this scheme are unlinkable to
 each other (unlikability). Apparently this is easy to prove using the
 random-oracle model + the standard DDH assumption.

 The second proof guarantees that an adversary should not be able to forge
 signatures (unforgeability), even if she has access to an arbitrary amount
 of previous signatures, or ephemeral public-keys or the long-term public
 key.
 This seems like a harder proof. The idea is to try to prove this using the
 forking lemma (which apparently might be the easiest way to do this) and
 hope that it gives us a tight security bound (it usually doesn't,
 apparently). Then we can start working on a tighter security proof.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8106#comment:31>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs