[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Key length and PK algorithm of TOR

To: or-talk@xxxxxxxxxxxxx
Subject: Re: Key length and PK algorithm of TOR
From: Gregory Maxwell <gmaxwell@xxxxxxxxx>
Date: Sat, 1 Jan 2011 20:46:34 -0500
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Sat, 01 Jan 2011 20:47:14 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:content-type :content-transfer-encoding; bh=y8/1ak6eDDtgT79BQVMVgdTIkJI8WFacALNduLnYxRU=; b=T5dNXLNPH2EMCA7+brD5/MYR62m3Kp5dkZUIwCCS6pEw6w3Ih4fPPwmLTJVBVO+26+ jHZ24gxQTORLceezC1vaysbc8jBBSZeaHaVqSRASt9ETIxW0bUBcpt91F67vgwktzkA+ 0jYCIJrvqgrRxX9R2jlHohlH/CYSKBDBrPmNg=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; b=L780ayyVshw2EdyPLbOLogSLo1Oq/5M8PVRmytvxiyyGC9DuL8coYuIGCjutviaTDq 5D5popLTOCdMsTsy6JP4mdk7moVx8VnSkRXBL5ijX0X3ylIBxe/h8dVo6+Gph2JfScoK Oy6UyOWvqEi2hr39faoDr8l9aVb8BjTH5Vn18=
In-reply-to: <AANLkTingmxg_T55JzR=hJL2DTQo_6bEfEGYZwxkr_OLH@xxxxxxxxxxxxxx>
References: <4D1E3B61.80207@xxxxxx> <20101231221048.GA29103@xxxxxxxxxxxxxx> <AANLkTingmxg_T55JzR=hJL2DTQo_6bEfEGYZwxkr_OLH@xxxxxxxxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

On Fri, Dec 31, 2010 at 10:17 PM, Nick Mathewson <nickm@xxxxxxxxxxxxx> wrote:
> But to answer your questions, the main reason Tor doesn't use ECC now
> (and that its RSA keys are 1024 bits except for authority keys) is
> that back when we designed the relevant parts of the Âcurrent Tor
[snip]

Soâ if someone had asked me about this I would have also pointed out
that using anything other than moderately sized RSA in the transport
security would make it impossible for Tor to look at all like a random
SSL (e.g. a http client/server) and thus be more vulnerable to
blocking by even the laziest attackers.

I haven't seen this point raised in this thread, so I'm wondering if
I'm misunderstanding or if it's just not being mentioned because even
ignoring the ciphersuite selection blocking tor based on the
on-the-wire behavior isn't especially difficult.
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/

Prev by Author: Re: Is "gatereloaded" a Bad Exit?
Next by Author: Re: Tor uses swap?
Next by thread: Verification of Package Files When Using Sources.List.
Index(es):
- Author
- Thread