[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Length of new onion addresses

Hash: SHA1

Hi Michael,

> Length is not nearly as important as bookmarkability. You mentioned
> that you are going to be changing stuff every day. That worries me.

My bad. No worry, this is just a misunderstanding. What I should have
written is that a service's onion address (what clients bookmark or type
into their browsers) stays the same all the time.

What changes are the descriptor identifiers which are created from the
service id and the secret cookie. This allows for storing descriptors on
changing nodes all the time, which is a novel security feature that
becomes possible from incorporating the secret cookie. It prevents
persons from tracking a service's activity or usage pattern. I only
mentioned it to stress that the attack of generating a key pair with the
same id as an honest service would be limited to one day. Such an attack
would become more likely the fewer bits the service id has. But the
changing descriptor ids have no impact on the usage by hidden service
providers or clients.

- --Karsten
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org