[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #8106 [Tor]: Make .onion addresses harder to harvest by directory servers
#8106: Make .onion addresses harder to harvest by directory servers
-----------------------------+----------------------------------------------
Reporter: asn | Owner:
Type: defect | Status: new
Priority: major | Milestone: Tor: 0.2.5.x-final
Component: Tor | Version:
Keywords: SponsorZ tor-hs | Parent:
Points: | Actualpoints:
-----------------------------+----------------------------------------------
Comment(by hyperelliptic):
> I said explicitly in comment:13, before your first comment here, that
the blinded base point is part of the blinded public key:
>
> > In Ed25519, the public key is `A`. In my blinded-public-key variant of
Ed25519, the blinded public key is `(HB(nonce, B, A)*B, HB(nonce, B,
A)*A)`.
>
If you meant this to say that the .onion address is the concatenation of
the 2 x-coordinates than the easy reply to "I realize that you can
bootstrap from this by including Bprime in the storage location so that
the real data and the attack data get written to different places, but
then you suddendly have twice the length." in
https://trac.torproject.org/projects/tor/ticket/8106?replyto=22#comment:16
would be to say that you in fact accept the double length.
In any case, double-length .onion addreses or a broken scheme are pretty
"legitimate reasons for concern".
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8106#comment:23>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs