[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Questions about crypto used in TAP/Ntor

On Thu, Oct 30, 2014 at 2:22 PM,
<BM-2cUqBqHFVDHuY34ZcpL3PNgkpLUEEer8ev@xxxxxxxxxxxxx> wrote:
> Dear experts,
> Want to clarify some things:
> 1. The fignerprint of a Tor relay which is advertised in the direcotry
> data is a SHA1 sum of which key? Sice now a relay has a secret onion key
> and a secret key for Ntor.

Neither one; it's a fingerprint of the identity key. (That's the one
called "signing-key" in the descriptors.)  See section 1.1 of
tor-spec.txt for a list of keys.

> 2. The fingerprint (since it's a hash sum of the key) is what strengths
> encryption between relays or clients and relays, kind of like a CA in SSL?
> That is why the directory authorities sign the list of fingereprints - is
> this correct?

These identity key fingerprints are used to authenticate link
encryption, to know you've done a TLS connection to the right node.
They're used to sign all the other keys.

> 3. How strong is Ntor compared to TAP? As I can see in latest Tor version
> now clients prefer Ntor by default - are there any plans to deprecate TAP
> in teh future?

ntor is probably as strong as curve25519; TAP is probably as strong as
dh1024. (So, ntor is probably far far stronger than TAP.)

I'd like to deprecate TAP.  Some time in the next 2-8 months, for
instance, I'd like to make authorities reject relays that don't
support ntor.  That should be sufficient to stop clients running 0.2.4
and later from having to use TAP.

> 4. The fingerprint is a SHA1 hash, as described in the papers. Any plans
> to move in the immediate future to a stronger hash algorithm, like SHA256?

I'm working on implementing proposal #220 right now, which migrates
relay identities to (unhashed) Ed25519 keys.

[tor-spec.txt] https://gitweb.torproject.org/torspec.git/blob_plain/HEAD:/tor-spec.txt
[proposal 220] https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/220-ecc-id-keys.txt
[implementation in progress]
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to