
Re: [tor-dev] obfs4 and ntor (question wrt node_id)



On Mon, 02 Jun 2014 16:12:03 +0100
George Kadianakis <desnacked@xxxxxxxxxx> wrote:
 
> Yep, that's what I gathered too.
> 
> Unfortunately, the server-side obfs4 might not have access to its
> address/port (it normally knows that it has to bind to 0.0.0.0:<port>,
> not the actual external IP address).
> 
> So we were considering whether generating a random nodeid would be OK
> for security.
> Or even omitting the nodeid completely, and just using the public key
> B in its place (since \hat{B} is just used as a one-to-one map to a
> B). Or does this complicate the security proof?

Unless I'm horrifically mistaken, a random nodeid is fine as it is just
as arbitrary as the current node ID.  Since there isn't any tight
coupling between pluggable transports and the remote bridges they
connect to, the bridge fingerprint currently in use is also a "random
nodeid", at least as far as obfs4 is concerned (The fact that it
coincidentally happens to be the bridge fingerprint has no effect on
the obfs4 protocol itself).

Regards,

-- 
Yawning Angel
