Re: [tor-bugs] #17239 [Tor]: Implement new key blinding scheme for proposal 224

["Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>]

#17239: Implement new key blinding scheme for proposal 224
-------------------------+------------------------------
 Reporter:  dgoulet      |          Owner:
     Type:  enhancement  |         Status:  new
 Priority:  Medium       |      Milestone:  Tor: 0.2.???
Component:  Tor          |        Version:
 Severity:  Normal       |     Resolution:
 Keywords:  tor-hs       |  Actual Points:
Parent ID:  #12424       |         Points:  large
  Sponsor:               |
-------------------------+------------------------------

Comment (by teor):

 We send the same blinded key to each HSDir, and use it to encrypt the
 payload.

 This allows the HSDir to descrypt the descriptor, which seems
 dangerous/unnecessary.
 It also allows a HSDir to work out which other HSDirs hold descriptors for
 the same hidden service.

 If we:
 * send different blinded keys to each replica (doing this for spread leaks
 information), and
 * use a different blinded key for retrieval and encryption,

 then the HSDir can't decrypt the descriptor or find the other descriptor
 replica.
 It can only find the other HSDirs in the spread for this descriptor's
 replica, which it can do using the hash ring anyway.

 See for extensive, over-the-top detail:
 https://lists.torproject.org/pipermail/tor-dev/2015-November/009884.html

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17239#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs