[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Publishing sanitized bridge pool assignments

To: or-dev@xxxxxxxxxxxxx
Subject: Re: Publishing sanitized bridge pool assignments
From: Karsten Loesing <karsten.loesing@xxxxxxx>
Date: Mon, 31 Jan 2011 21:52:28 +0100
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-dev-outgoing@xxxxxxxx
Delivered-to: or-dev@xxxxxxxx
Delivery-date: Mon, 31 Jan 2011 15:52:38 -0500
In-reply-to: <20110131200357.GR30949@xxxxxxxxxxxxxxxxxxxxx>
References: <20110125111245.GA5739@xxxxxxxxxxxxxx> <20110131193700.GA3873@xxxxxxxxxxxxxx> <20110131200357.GR30949@xxxxxxxxxxxxxxxxxxxxx>
Reply-to: or-dev@xxxxxxxxxxxxx
Sender: owner-or-dev@xxxxxxxxxxxxx
User-agent: Mutt/1.5.18 (2008-05-17)

On Mon, Jan 31, 2011 at 03:03:57PM -0500, Ian Goldberg wrote:
> On Mon, Jan 31, 2011 at 08:37:00PM +0100, Karsten Loesing wrote:
> > Here's a sample bridge pool assignment from September 2010 that is
> > sanitized as described above (all IP addresses set to 127.0.0.1, contained
> > fingerprints are SHA-1 hashes of the original fingerprints):
> > 
> >   http://freehaven.net/~karsten/volatile/bridge-pool-assignment-sample
> > 
> > This sample is there, so that everyone gets a better idea of what is meant
> > by a bridge pool assignment.  Does anyone object to publishing tarballs of
> > these sanitized bridge pool assignments on the metrics website, so that we
> > (and anyone else) can analyze them?
> 
> Is there enough entropy in the things you're hashing to prevent
> reversing the hash?

Well, I guess so.  We're hashing the bridge identity fingerprints.  From
dir-spec.txt:

    "fingerprint" fingerprint NL

       [At most once]

       A fingerprint (a HASH_LEN-byte of asn1 encoded public key, encoded in
       hex, with a single space after every 4 characters) for this router's
       identity key.

Does this mean we're safe here?

Thanks,
Karsten

Follow-Ups:
- Re: Publishing sanitized bridge pool assignments
  - From: Nick Mathewson

References:
- Publishing sanitized bridge pool assignments
  - From: Karsten Loesing
- Re: Publishing sanitized bridge pool assignments
  - From: Karsten Loesing
- Re: Publishing sanitized bridge pool assignments
  - From: Ian Goldberg

Prev by Author: Re: Publishing sanitized bridge pool assignments
Next by Author: Fwd: Re: Thoughts on https://trac.torproject.org/projects/tor/wiki/dev/SupportPolicy
Previous by thread: Re: Publishing sanitized bridge pool assignments
Next by thread: Re: Publishing sanitized bridge pool assignments
Index(es):
- Author
- Thread