[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-dev] Probability of Guessing a v3 Onion Address
- To: tor-dev@xxxxxxxxxxxxxxxxxxxx
- Subject: Re: [tor-dev] Probability of Guessing a v3 Onion Address
- From: Matt Traudt <pastly@xxxxxxxxxxxxxx>
- Date: Wed, 11 Dec 2019 18:38:26 -0500
- Autocrypt: addr=pastly@xxxxxxxxxxxxxx; prefer-encrypt=mutual; keydata= mQINBFYSsCYBEACtCAyNCpmHR4A3L4AWF9UbhZDu76D3LxZHSuPkCWOI++7Lm1SZ0QTuDsd0 ncp6qmzx56wbL9rmRwgNHFCPxlEv1zHmGDoGS/h1CVLsOXpEKqmyyCysYygp+Fc6N5aXIlCm lBj4xEnjz3aSdA0T6RAUOJRLDvmH0hs3guPsJ5Ic12+WekkgqXrNPKoI8PEa1MVFB8RT/49+ SZp28zTk951LXFy2Gte+r/FmNIoKCgMvyBJ5y+vRDIERZhA3S/U9w66zflpBhSRco9VG2fZX Pe2Y5OiC9sLJoHHce7QLIsMbepzGDWIDyIkveMDHPByJL2i3+ajQvv4mRl/WFOUXQJ+HgtA4 o7ul8KSPghmkXJBPTc1nb4U6yPE+cJgx1PhAkc6pcHOo3bf9tnozr4IdkiG/1bvInLqTqm30 nJOloNLVLt6WhhWEt9tUJrcXMSZwhuABgxzz+HvvE19XFzvCCm9xU0dh2kgQ2PAnmK8QsH4b h2M9bkH+WEgMZdh4tNcJdj4UtH/OL8R22+E198lq4C9SMj5DEocllshIVpXRJb2wz91rgP+t dYfjGV/nlnQDKCK1S/+rjSnu4Li3dzTrcNS2rewlVuyUeM5gCnmp6vVZh9xiF/HvYPhKr68J heuo7mq9EJeeuMOcedf5d/zC5fNcdmalYbM8Ow5BT0ZLveIzuQARAQABtCNNYXR0IFRyYXVk dCA8cGFzdGx5QHRvcnByb2plY3Qub3JnPokCVAQTAQgAPhYhBLfhBfxObZN3+Jy6TIO8qVKU +7sKBQJaNsqdAhsDBQkJZgGABQsJCAcCBhUICQoLAgQWAgMBAh4BAheAAAoJEIO8qVKU+7sK AzIP/RQyFjvD7r3AldeH67uEkmGdbkKNYv5I/pO6p8KZTY0SORu+bYP00EcpnprWADmZabCY /JvsMvAVsyZ8g+NKL/EzanBu/xW/A8BoMDYs3WkXLGJJA1A6sPS7kijQtnubD0K/quVGQ48G NMTZz2oNcjsWvKk0pFsF9e68h0coRRTyDC0jLTIZlIDkuqgEfwwlMxsyDT8G5Rit2YWTT+7+ /HuRXcAvI13U9F0LypwgfZVpeLMBXwNf3K6mK07lLKrld8tWHlvYQoBlfqtm+Sz6jNJI+bNg k+UIMrts/BB2G5S/xvNTro0wXNG9aeDX7pbQsnnIzSfDMfAyAEP3IDMPNuN3FodlstVgrJlG 9Py90mNaG9h5ihm09+xZXtlCdtqUXQv6rAqj3y+h2HMmUNfJ/X/MCvTY8pGksqGPdlI/DS7b PTw9DCElsBaDSmjpwvKxFfGkSzarRmlvG9dB920zrDTkJByAWS9JO89xjHD7K06bnzTwfMBc SVaddrCBP5JUY1KlRGi07iKU7HJF9kLMdM+7Umnd1+orCFJiLra4/yL1soAqwXhbzR8rk4Du ziAfCbUmPBSD/yjujsQOj9W2whgBCjq1rJh9lF+V/31ihVCY47uxO6TTcfueaquIbPaOuFq2 Q5nMOcXeTo3Lfpy/Ksfmp+gGo/LNs/0O5TeJ1GXcuQINBFYSsCYBEACqS7ebFvWcarIc2pAb BFAcgdZvS5uHCV4eq23adCQbg1xBMNXDVzq7WU2jc7Cu0HwPJ9OoUUcPuf/EgwiF+a0A/IrZ C2zjVyzvdLZ7+MqPje8ff2/HjxZs7G5Ss1auISFqOO67wPh4jRcy/M91U+JBgFZH2SAsDNgc GxK2T6nFWiEXd8Y+ntEUJhXsMrakq+opidtYMRkK5PxW3InQFP9y52SXR77S5jzmpZc0pVg+ e4Euletz26yGTM2piwd4jbY0rM34oeHNN8w2MEo0krYla7NhK3dmAKoHu7kSUymp//KdJi6R dO7P0meBS4HS+sapQUJz+pQf+4yuHJFPyAVFDXbkJg+QCZhENuq4zmJPi8g/4V/E9K1NrL8d NxhWwQ43ZeS33Ts6FAFAPhdde3QVSa59u/tKF4sqMAlitzypRobVJmjnok87jMVxislfiZL3 LbZUTV2jxMwEXdRzNsyKUoAfVOc2ePFfFwsv7lNK9ED0vdOoStOzpRGRgb0AFOJAjALQhUS3 3ORQSeIvYze1KIf9wX3VGXIIq4mXY7k02Xv2tFpefu03fd1jcCbWnz7N+HvM7xiV4+hCTaaA ZQ78t4PuMPr0Rq7jCWP8ft4CDI+xQaaqfTmdbxezx9oVpwT6AbAgOAkaiY3UY6zXUtN7vez+ SGxiVYf84XUsMWUPAQARAQABiQIlBBgBAgAPBQJWErAmAhsMBQkJZgGAAAoJEIO8qVKU+7sK 888P/21HChE8q1LTfD6SgMiJmiTLTzL6Pg5D9urPRY3qn2DEo4oB8jIfwlvnbWvviC2fAC9/ 1dgILONvNQCRhI72sHdffBLjE+aV1Wu/HR6KEk26gN0J6QqJwxzrcycrBK/BXbSlv/VoUNZl kdlcUXNT7g5dTIC+bcRRjb5Rjv/L8yRh0ygyMOjTjwBvZT4AUUL8/Wo6IdcqkR4xHpsiZ7nX 4BztwEMmK5KmetfL6dlm8qLodrEAroeRN4CV+JjoeF5D3nOM/7MCAlu0KLj1Y92RAhCL5ycb qvyBXb0yiM0A3kWZouhMzyJDZTIV3rUered5+t8KWL+KNaO2goC0N/zHFx/GA5AOI74bWdKI S0Yuq3z56lEXJX5vuHEWl+yDc53zlc2lHa+DQLKacnhbj4ln9GRKvWE/bn5M4j+tkL0Sy5Qc 9GSJXDcJ/f7/YGadxuhFmJ4xymtHkfE9v4U7dbpr6sVkpa6jE1JqwYbKuEPsGDschFmdsAz5 1vlAsZydDHrPMoWOwvimN2OFjoi5gp26f0a+69nR1EezkCGR1el41jyf+230m82W2NnbQBGV 9I3/fmms6sUaNzmqu0pAKNwKAV2Gu+X2YN0kj3IW1ZlihdRr4QBFTh3YxC/YaeA8f1p5KH/I xGB5mjkyqzrgez8ZRgidcaduTIwqPDWw4BX0IXEc
- Delivered-to: archiver@xxxxxxxx
- Delivery-date: Wed, 11 Dec 2019 18:38:42 -0500
- In-reply-to: <e3c08998-a02b-1324-e265-9bd4cd917011@riseup.net>
- List-archive: <http://lists.torproject.org/pipermail/tor-dev/>
- List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
- List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
- List-post: <mailto:tor-dev@lists.torproject.org>
- List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
- List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
- References: <e3c08998-a02b-1324-e265-9bd4cd917011@riseup.net>
- Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
- Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>
On 12/11/19 4:31 PM, procmem@xxxxxxxxxx wrote:
> Hi I was wondering what the mathematical probability of guessing an
> onion v3 address that is kept secret.
>
> Or asked differently: what is the entropy of v3 addresses if an
> adversary decides to bruteforce the entire keyspace?
>
> I am struggling to come up with a usecase for authenticated v3 services
> when keeping an address secret has the same effect and one can generate
> multiple addresses for the same server and share them with different
> entities. The degraded usability of v3 auth services compared to v2 is
> the reason I'm asking.
>
An additional thought for the less-technical side of things:
Using client auth, you *could* advertise the address(es) publicly. Put
them in a pastebin you trust to not delete your pastes. Make a Reddit
post listing them all. Whatever makes it easy for you to "bookmark" your
v3 onion addresses without actually using the bookmark functionality of
Tor Browser. So what if people know v3xyz.onion exists; they can't
connect to it!
I'll admit it's a rather weak use-case: if you can remember/save the
client auth credentials, you could remember/save the address itself too.
Matt
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev