[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-dev] Key Blinding Secrets

To: "tor-dev@xxxxxxxxxxxxxxxxxxxx" <tor-dev@xxxxxxxxxxxxxxxxxxxx>
Subject: [tor-dev] Key Blinding Secrets
From: "Bellebaum, Thomas" <thomas.bellebaum@xxxxxxxxxxxxxxxxxxx>
Date: Tue, 30 Apr 2024 07:38:24 +0000
Accept-language: en-US
Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=aisec.fraunhofer.de; dmarc=pass action=none header.from=aisec.fraunhofer.de; dkim=pass header.d=aisec.fraunhofer.de; arc=none
Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=DKB8VKUKpfol24ngO0d80i4cg9B617tdKwT67mzbUe8=; b=kQrHZQ/ISzqWaEpcDiHdkfxcwIDt1abdDahcNgYoy8GBu0E9BJa+dVKMJ+z2FpF0iA4Y4J31keHNX8ivwwE5dTN2QuoAdkytcEtPiiToZG23duIgmOT4iN0GTGvBWsFFa9B258dcweuXoqnasfNoasoNthNjX9cMXHVgUzFyaEq4vTzsFBkMXtkgBDreJM6vK/O+UTSQVNiI4slDoiec8Bmvu7up9/kdJvFcv7RiPASuROYFP/pMhRy9fIbEqVIjDNIh4dlGzOwZ3yIzo458nnL7b1IYgedMVhhgCWn/BDOQan6LC2+TwIRaWjd02wXUtEfmQhAGNM9AXhCXyUZOIw==
Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Mbi844WWNw3/qh7BxmyB0KznfRQ1C14odUEhKNSPf3ps0hupnRDreu/qFgKEn7o6EyYewRlEXW5gHjBPAbYDaGGb+ZEKrl6T8G6+SSQCZ1RLmel+JBURXKL6TAEihp/4hlbATOg3lioeNKxv8PNPdGssrnevehVmPVXuqtEYl36EiKbsO0vt8vS2JxdoDKwOhttWM8oaYs87PG8gtKREkzzxWtbwG+kKicRDiCy74ChKFXxJxjN8Kw+B3ZzIZ65Bt2X+aFFkY/wqTuav346W2tMCqXqVXjfVte25L+M1nCu0nY8TPe0QnBeaeN1XRC9r4Sq6zE8DEyUyezVWYt2jXw==
Authentication-results: mail-edgeka24.fraunhofer.de; dkim=pass (signature verified) header.i=@fraunhofer.onmicrosoft.com
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 30 Apr 2024 08:07:42 -0400
Dkim-signature: v=1; a=rsa-sha256; c=simple/simple; d=aisec.fraunhofer.de; i=@aisec.fraunhofer.de; q=dns/txt; s=emailbd1; t=1714463144; x=1745999144; h=from:to:subject:date:message-id:content-id: content-transfer-encoding:mime-version; bh=DKB8VKUKpfol24ngO0d80i4cg9B617tdKwT67mzbUe8=; b=EDrWBkZIyGZSwKdGXDuU/KjRldY8i0gPmG/03MTywaIh7sRaW6dLIVlg ix/a8nvnhv5zem4UQ3StgCszBvhYA21JTgkf8+FRObe6ApHy2UC6NwlpO rIxx7GGfjna7IwrczL7C2eLGsC7PbAyZtTAXkqlVhYtFyqfxK0lbQyfNT va/R/j+02uhazIJjCXkUFqB3WEwo7PY54KtSFnQ/A8iaSLH+vOwzjek1Y YjTvsKSBnWSvYUDY9SB4N1ZCNnYIspiXIaUS2kG9hI79tOixX5SCn+148 Pt+RiSKg9+iQaTjfxxJwbMVYCdY1CB8A773e+kfqSX8dONLaz/04HzDJD Q==;
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=fraunhofer.onmicrosoft.com; s=selector2-fraunhofer-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=DKB8VKUKpfol24ngO0d80i4cg9B617tdKwT67mzbUe8=; b=MGs9QXjTHtFT1tVPkXA9Rg4U3UOoezCScc2W3yiMdjLDjyvYS18ksSu59g+TvzuEcldVJQuTVQyUj5RmvRqZY+9nDd4Hir6XeYQNthw58UZqniPeV1Qs2hAEbiXbdAjdFydONZYhSosJ/GJYZ8bUFe7pjomtsmWV4hAI8YwjtSM=
Ironport-data: A9a23:3gtyR6pjrm9uUpGKhcQqBmat6INeBmJFYBIvgKrLsJaIsI4StFCzt garIBnSOfmLNmTyKIsibYyw804GvpXTz4diHARq/C43ESMb9ePIVI+TRqvS04x+DSFjoGZPt Zh2hgzodZhsJpPkjk7wdOCn9T8ljf3gqoPUUIbsIjp2SRJvVBAvgBdin/9RqoNziLBVOSvU0 T/Ji5OZYADNNwJcaDpOt/rf8kI34JwehRtB1rAATaAT1LPhvyRNZH4vDfnZB2f1RIBSAtm7S 47rpF1u1jqEl/uFIorNfofTKiXmcJaLVeS9oiY+t5yZv/R3jndaPpDXlBYrQRw/Zz2hx7idw TjW3HC6YV9B0qbkwIzxX/TEes1zFfUuxVPJHZSwmfe/wXTBNHzQ/+VBU30fBKg85+JzHEgbo JT0KBhVBvyCr/mz3Kr9R/lnhoItNsD2OoMYtHx6iz3UZRokacmeGOObupkBg2Z235oRdRrdT 5JxhT5HcBTHZhRUfF0aDJYzlu61g1H2ciZVoxSbv6Mq5WjUwgFrlrTgWDbQUoXSG50Exx7wS mTupErXCBQRHt6j8hWc8S6wwcXt2iP3V9dHfFG/3rsw6LGJ/UQPDwdTWValif24kVKlHc5YM VQO/SgjprR081akJuQRRDXh/SXB70FZAoUBVrRgt0eTz+zfpQiDD3UCTjlPZcZguMJeqSEW6 2JlVujBXFRHmLOPQG+b9rCaoCn0Pi4QLGQYYjQDQxdD6N7myLzfRDqWJjq6OP/k0o/GCnvrz iqUrSMzobwWgIRZn++45F3LyXbk7JTAUgd/tE2dU3OH/zFJQtevR7WpzlzHstdGDoKSFWeas FY+xsOx0eEpDLO2rhKrftkjJr+SysigDCz9mn9qRpkoyCSs8SWsfKdW+zBPG31qOcclJx7vR lPfmSpM1q9TPnKBMKp8ZqzoAcEq05rlK8XBU8rQT9tRY6pecB2M0zFuaHWxgUHsshkIuoMuN aiLdf2DCS4hNp1m6z6tVsEh0bMP7QIv91P5HJzU4Uyu7uuDWSSzV7wADmqrUsk4y6G1+CPu7 NdVMpqx+SV1CeHRTHHezt8OEAosM3M+OJHRrv5XfM6lJi5NOjkoK93V8IMbV71VpYZnvcaWw SjlQW5d8kT1ulPfIwbTanxDVqLmbawikV0FZx4TLXSa8Fl9R72w7ZUvVYo9Jpgm0+1B8cRab dc4f+e4P/AebQifpho8a8HmoZ1AZSabo1uEHxCYbQgVe79iQA30+eHYQDb/yRlWDgeKsZoRn r7x8CLaXpsJeCp6Bun0dv+E7g28rFodqs1ITmrKJdhiR0H+wrdPNh73rP87HJwLI0/xwjCbi gWkOjYDhOz3u4Ru2sL4taOFiIaIEuVFAUtRGVfA34u2LSX3+mmCw5dKdeS1IQDmS2L//Zu9a dVvz/3TNOMNmHBIudFeF4lH4L0f5dy1gZNn1SVhQWv2amq0BoNaInWp2ddFsotPzOR7vSq0Q ke+xclIC46WOc/KEE8jGyR9V76tjcorozj16eg5BG7Y5yUtpbqObhh0Dim20SdYKON4DZMhz eIfo/Up0g2YiCcxE9O4nytRpnWtLHsBbv0djaskIrTX0ygl9lITRqbnKH7SwIqOYNByIEUVM meqpK7dtY99mGvGUVQOTEbo48QMq6gKih5wyH06G2+ogfvA3/8+4w1Q+284TyNT1RR27NhwM WlKaWxwC72FpQlqoM1xTlGcJRxIK0ycyHzQ1mkmqWz9ZGurX1zrM2cSF7us/kcY0mQEZRld3 uiS51jEWAbQXvPa/3UNS288jNK7Vv131AnJuP7/LvS/B5NgPAbU2P6/V1QHuz7MIJ0XhnSeg cJI4ewpS6nwFRBIkp0BE4PAiIghEkGVFldjH8Nk0rgCR1zHWTeI3jOLFUC9V+VNK9HO8m66E 8ZeHd1OZTvvyBexqi0nOoBUL49WhPIJ4P8wSoHvL0MCsJqdqWNNm7DU/S7cmmQqYotPleAQF 4DvTA+BQ1eg3SZsp2zwrcd6YzvyJZFOYQDnx+m6/dkYD59J4qkmbUg21aDypHmPdhdu+xWPp g7YeqvK1KpYxJ9xm5f3WLB2b+luxQgfiMzTmOxrj+lzUA==
Ironport-hdrordr: A9a23:4cEqVKp7zWvholqWpBy3dwgaV5oveYIsimQD101hICG9E/bo9f xG88536faZslossVsb6LS90cq7MBDhHPxOgLX5VI3KNGKNhILPFu5fBODZowEIdReRysdtkY dmYuxbAN30Nl5nkMb87mCDYrMd/OU=
Ironport-phdr: A9a23:IvdxYxFRxMqp4jFXJkEW5p1Gf3BNhN3EVzX9l7I53usdOq325Y/re Vff7K8w0gyBVtDB5vZNm+fa9LrtXWUQ7JrS1RJKfMlCTRYYj8URkQE6RsmDDEzwNvnxaCImW s9FUQwt5CSgPExYE9r5fQeXrGe78DgSHRvyL09yIOH0EZTVlMO5y6W5/JiABmcAhG+Te7R3f jm/sQiDjdQcg4ZpNvQUxwDSq3RFPsV6l0hvI06emQq52tao8cxG0gF9/sws7dVBVqOoT+Edd vl1HD8mOmY66YjQuB/PQBGmylAcX24VwX8qSwLFuT3ZdMfPkRbZruR63HPGO8LRFbxkATX+5 Kg6YkGx1zsLFCEFrj7SmMZNgfIO83fD7xYq5qHPMbilNsZeYo3hJM8kfWlxd5drWHB8Wb6ba IYdJNEKNrxn9Jj8glcMiTe8FBedP7q/ySRzmyKn0u4GzfY8PArC0DICJs8yjk3FkdeoDqIMa /mH/eqZyxnPM9NXw2nN5bnxVAwhvqzcYIBpd8vpxHd2Lhifjny9o43VNT+81OgjomS8ydhRV dmokExghCNAkGil++kh1ZHLgYcJ0VX7y3l56adlFMK6VHVeNI3sAN5RrSacL4xsXoY4Tnp1v Dpv0rQdos3TlEkizZ0mw1vSZ/OKcIHSvlTtTu+MJzd/in9/Pr6y1F6+8kmln/X1TdL8kE1Lo SxMjsTWuzgT2gbS5MmKRro1/kqo1TuVkQGGwu9eKF0yla3VJoRnxbg1l5EJtl/EEDOwk0Lz5 JI=
Ironport-phdr: A9a23:WnOZQxHqDijWFPQ+hmWFQJ1Gf3FNhN3EVzX9l7I53usdOq325Y/re Vff7K8w0gyBVtDB5vZNm+fa9LrtXWUQ7JrS1RJKfMlCTRYYj8URkQE6RsmDDEzwNvnxaCImW s9FUQwt5CSgPExYE9r5fQeXrGe78DgSHRvyL09yIOH0EZTVlMO5y6W5/JiABmcAhG+Te7R3f jm/sQiDjdQcg4ZpNvQUxwDSq3RFPsV6l0hvI06emQq52tao8cxG0gF9/sws7dVBVqOoT+Edd vl1HD8mOmY66YjQuB/PQBGmylAcX24VwX8qSwLFuT3ZdMfPkRbZruR63HPGO8LRFbxkATX+5 Kg6YkGx1zsLFCEFrj7SmMZNgfIO83fD7xYq5qHPMbilNsZeYo3hJM8kfWlxd5drWHB8Wb6ba IYdJNEKNrxn9Jj8glcMiTe8FBedP7q/ySRzmyKn0u4GzfY8PArC0DICJs8yjk3FkdeoDqIMa /mH/eqZyxnPM9NXw2nN5bnxVAwhvqzcYIBpd8vpxHd2Lhifjny9o43VNT+81OgjomS8ydhRV dmokExghCNAkGil++kh1ZHLgYcJ0VX7y3l56adlFMK6VHVeNI3sAN5RrSacL4xsXoY4Tnp1v Dpv0rQdos3TlEkizZ0mw1vad/WiTqPRuEulWvyYPDF4g3xoYvSzikX6/Uuhz7jkX9KvmBZRr yVDm8XRrH1FyRHJ68aGR/c8tkes0DqCzUbSv8lKO0kpk6rcJZM7hLk2k5sYq0PYGSHq3k7xi cer
Ironport-sdr: 66309ff3_Q32wH7UuQJF8yW0kL5sgbQZ37hFE9UVYJbkhIf1IkyBd0gO x4NLhEDrZY5GOUagViW6evvInDtd+93RLNwwW6Q==
List-archive: <http://lists.torproject.org/pipermail/tor-dev/>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>
Thread-index: AQHamtFiRLGAkImEeEuSlobtN8N6aQ==
Thread-topic: Key Blinding Secrets

Hello everyone,

I am a researcher currently looking into different schemes for what you call Keyblinding in the rendevouz spec.

https://spec.torproject.org/rend-spec/keyblinding-scheme.html

I noticed that your description there mentiones a secret `s` to be hashed into the blinding factor, and have a few questions about it:

1. Is this secret currently being used / intended to be used? If so, how?

2. What kinds of security (formally or informally) would you expect from using a secret in the derivation process? For example, do you just require that someone without `s` cannot look up the service, or is this also meant as a way of ensuring that HSDir nodes cannot find correlations between services and descriptors (amounting to some sort of additional censorship resistance)?

The reason I am asking is because my research has identified some potentially post quantum secure schemes which for unknown identity keys results in uncorrelatable blinded keys, but where for known public keys you can efficiently determine whether a blinded key is its derivative, even if you do not know the blinding factor. I am wondering for which kinds of applications (with TOR being a major one) this would be relevant.

If you have any insights, please let me know. Also I am new to the TOR-Dev world, so feel free to send me to a different mailing list, should I have chosen the wrone one for this topic :)

Thanks in advance,
Thomas

-- 

```
M.Sc. Thomas Bellebaum
Applied Privacy Technologies
Fraunhofer Institute for Applied and Integrated Security AISEC

Lichtenbergstraße 11, 85748 Garching near Munich (Germany)
Tel. +49 89 32299 86 1039
thomas.bellebaum@xxxxxxxxxxxxxxxxxxx
https://www.aisec.fraunhofer.de

```
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Prev by Author: [tor-dev] Proposal for Tor (Relay) Watchdog (Telegram) Bot
Next by Author: Re: [tor-dev] Proposal for Tor (Relay) Watchdog (Telegram) Bot
Previous by thread: Re: [tor-dev] Proposal for Tor (Relay) Watchdog (Telegram) Bot
Index(es):
- Author
- Thread