[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #8106 [Tor]: Make .onion addresses harder to harvest by directory servers

Subject: Re: [tor-bugs] #8106 [Tor]: Make .onion addresses harder to harvest by directory servers
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Wed, 09 Oct 2013 16:56:26 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 09 Oct 2013 12:56:44 -0400
In-reply-to: <043.eb84891d9528d1bc44df2a5be33449bd@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <043.eb84891d9528d1bc44df2a5be33449bd@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#8106: Make .onion addresses harder to harvest by directory servers
------------------------+--------------------------------
     Reporter:  asn     |      Owner:
         Type:  defect  |     Status:  new
     Priority:  major   |  Milestone:  Tor: 0.2.5.x-final
    Component:  Tor     |    Version:
   Resolution:          |   Keywords:  SponsorZ tor-hs
Actual Points:          |  Parent ID:
       Points:          |
------------------------+--------------------------------

Comment (by hyperelliptic):

 Hi everybody.

 Replying to [comment:29 asn]:
 > There might be a smart multiplication somewhere there that would make
 the unblinded public key disappear from the equation, but I don't see it
 currently.
 >
 Yes, the equation changes. The initial version had some divisions, which
 will not be so good performance wise. So, here is how it works without
 blinding the base point:

 General system set up: base point B on elliptic curve, B has prime order
 l.

 Signer knows: a (secret key), h=blinding factor of the day
 =hash(date,A,B), where date is given in some agreed upon precision.
 Long-term public key (known to the user): A=aB
 Public key of the day: A'=hA=(ha)B
 This means, that the secret key of the day is (ha).

 Signature which is valid under A':

 Pick random r (or better, compute it in some deterministic manner, see
 EdDSA paper),
 compute R=rB, compute S=r+hash(R,A',M)ah mod l, send signature (R,S) and
 public key A'

 Verify at DS: check whether SB=R+hash(R,A',M)A'.
 This works for a valid signature since
 SB=(r+hash(R,A',M)ah)B=rB+(hash(R,A',M)ah)B=R+hash(R,A',M)A'

 Verify by user: User knows A and date, so can compute A' to query DS. Can
 verify signature
 the same way as DS does.

 All the best
   Tanja

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8106#comment:30>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #9752 [Tor bundles/installation]: Gitian LXC build fails to find 'base-lucid-amd64'
Next by Author: [tor-bugs] #9942 [Flashproxy]: have each flashproxy poll multiple custom facilitators
Previous by thread: Re: [tor-bugs] #8106 [Tor]: Make .onion addresses harder to harvest by directory servers
Next by thread: Re: [tor-bugs] #8150 [EFF-HTTPS Everywhere]: HTTPS Everywhere for Opera
Index(es):
- Author
- Thread