[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Finally a Cloudflare captchas workaround thanks to next-gen onion services?
On 20 February 2017 at 09:45, Georg Koppen <gk@xxxxxxxxxxxxxx> wrote:
> I don't think so as I don't see how next generation .onion services
> solve the underlying problem.
I believe they are referring to something which I have also heard from CA/B
Forum, regards SSL certificates.
There's a general perception in industry - with some justification - that
SHA1 is bad.
And current Onion addresses are based on SHA1.
And they're only 80 bits, truncated SHA1.
So current onion addresses are bad, too.
Because a bad person could brute-force an 80 bit collision to hijack an
And that would be bad.
Also, it would be way easier** than (say) social-engineering a CA to
issue a certificate to a fake or phishing site.
Because that never** happens.
So: industry thinks that 80-bit cryptographic addresses are
brute-forceable, thus will not issue DV SSL certificates for them. Instead
they will only permit EV certificates to be issued.
After all, having trivially** collided an 80-bit hash and set up your fake
Facebook Onion, you don't want some CA's automated
"URL-secret-cookie-reachability"-based certificate generator to blindly
issue an SSL certificate for the fake onion, thereby putting the SSL stamp
of approval on the site; that would be bad.
Hence EV, which requires a more intimate relationship with the requester,
to mitigate this tremendous** security risk.
I suspect that the OP is pointing out that Prop224, with its 256-bit onion
addresses, will be much more resistant to brute force and therefore may be
more broadly acceptable to the trust/comms industry.
** your mileage may vary.
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to