On Mon, 02 Jun 2014 16:12:03 +0100
George Kadianakis <desnacked@xxxxxxxxxx> wrote:
> Yep, that's what I gathered too.
>
> Unfortunately, the server-side obfs4 might not have access to its
> address/port (it normally knows that it has to bind to 0.0.0.0:<port>,
> not the actual external IP address).
>
> So we were considering whether generating a random nodeid would be OK
> for security.
> Or even omitting the nodeid completely, and just using the public key
> B in its place (since \hat{B} is just used as an one-to-one map to a
> B) Or does this complicate the security proof?
Unless I'm horrifically mistaken, a random nodeid is fine as it is just
as arbitrary as the current node ID. Since there isn't any tight
coupling between pluggable transports and the remote bridges they
connect to, the bridge fingerprint currently in use is also a "random
nodeid", at least as far as obfs4 is concerned (The fact that it
coincidentally happens to be the bridge fingerprint has no effect on
the obfs4 protocol itself).
Regards,
--
Yawning Angel
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ tor-dev mailing list tor-dev@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev