[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Update of prop#250: Random Number Generation During Tor Voting

To: s7r <s7r@xxxxxxxxxx>
Subject: Re: [tor-dev] Update of prop#250: Random Number Generation During Tor Voting
From: George Kadianakis <desnacked@xxxxxxxxxx>
Date: Fri, 06 Nov 2015 15:35:50 +0200
Cc: tor-dev@xxxxxxxxxxxxxxxxxxxx
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 06 Nov 2015 08:36:08 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak; t=1446816954; bh=TYRwzinoKmLD3JgWdOOJ5ZKP+fGTUrUIm0dATZPZov0=; h=From:To:Cc:Subject:In-Reply-To:References:Date:From; b=goYhOJSd3ZZuZzBaZs8EUCdPdiDdMnPjSY9yjwVkCIXh7nH1Q9IVlWZIJC11+nl2H kuzfLQ3RKzNrqh1zZc8Kw2XpApgDB6hzfUoFn61LTRsMLRirpfSGMkcKGcZe2sEI/8 cRh+InGkM45Jear/RVRMi+ZmE9Rw04C60veqB0Sg=
In-reply-to: <87poznw9ym.fsf@xxxxxxxxxx> (George Kadianakis's message of "Fri, 06 Nov 2015 15:09:37 +0200")
List-archive: <http://lists.torproject.org/pipermail/tor-dev/>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
References: <20151028182636.GC16206@raoul> <563AC04A.30301@xxxxxxxxxx> <87poznw9ym.fsf@xxxxxxxxxx>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Microsoft Outlook Express 6.00.2900.5843

George Kadianakis <desnacked@xxxxxxxxxx> writes:

> s7r <s7r@xxxxxxxxxx> writes:
>
>> Hello,
>>
>> <snip>
>>
>> 4.1.1. Computing commitments and reveals [COMMITREVEAL]
>> "The value REVEAL is computed as follows:
>>
>>       REVEAL = base64-encode( TIMESTAMP || RN )"
>>
>> * Maybe it is useful to also sign the REVEAL value with the SR key for
>> broadcasting, besides keeping the unsigned one for computing COMMIT
>> which obviously needs a separate signature. It provides some security
>> against little effort. Useful for directory authorities who miss the
>> commitment phase and only participate in the reveal phase. Something
>> like this (switched TIMESTAMP's place at the end):
>>
>> 	REVEAL = base64-encode( RN || TIMESTAMP )
>> 	SIGNATURE = ed25519-sign( privkey=PRIVKEY, msg=RN || TIMESTAMP )
>> 	REVEAL_BROADCAST = base64-encode( RN || TIMESTAMP || SIGNATURE )
>>
>> where the signature is performed using a special shared randomness
>> ed25519 key [SRKEY].
>>
>
> To be honest now that we removed the conflict detection code, the SR keys are
> almost useless, since there is already origin proof for authoritative
> commits/reveals by listing them on the signed vote.
>
> I'm kinda contemplating removing the SR keys altogether, since that would remove
> another good 500+ lines of code. It would also simplify considerably our
> commit/reveal generation and verification procedures. It would also speed up the
> code review procedure.
>
> I'm kind of sad for us killing all that nice code, but hey we can keep it in a
> branch and use it when we actually need to.
>
> Let me know what you think here. Maybe i'm crazy.

and here is a spec change for this suggestion:

     https://gitweb.torproject.org/user/asn/torspec.git/commit/?h=prop250-nosrkeys-v1&id=4a799b3b5b7955a1b3b07475ae341c37b29c1f3b

Let me know what you think.
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Follow-Ups:
- Re: [tor-dev] Update of prop#250: Random Number Generation During Tor Voting
  - From: David Goulet
- Re: [tor-dev] Update of prop#250: Random Number Generation During Tor Voting
  - From: s7r

References:
- Re: [tor-dev] Update of prop#250: Random Number Generation During Tor Voting
  - From: s7r
- Re: [tor-dev] Update of prop#250: Random Number Generation During Tor Voting
  - From: George Kadianakis

Prev by Author: Re: [tor-dev] Update of prop#250: Random Number Generation During Tor Voting
Next by Author: [tor-dev] Hidden service patch workshop on #tor-dev IRC channel
Previous by thread: Re: [tor-dev] Update of prop#250: Random Number Generation During Tor Voting
Next by thread: Re: [tor-dev] Update of prop#250: Random Number Generation During Tor Voting
Index(es):
- Author
- Thread