[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-dev] One Valid Next-Generation Onion Address per Private Key



Hi all,

Most onion service users expect that there is only one valid onion
address for their private key. (For example, one address is listed in
SSL certificates.)

I spoke with Ian, and he said that as part of validating the onion
address, we should check if it is a valid point.

He said we need to multiply the point by L, and make sure there's no
torsion component (that is, that the result is the identity).

This avoids the complexity of choosing a canonical point using some
lexicographic order, or the complexity of using something like decaf.

(Hopefully, Ian will write back if I transcribed things incorrectly.)

T
--
Tim Wilson-Brown (teor)

teor2345 at gmail dot com
PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
ricochet:ekmygaiu4rzgsk6n
xmpp: teor at torproject dot org
------------------------------------------------------------------------

Attachment: signature.asc
Description: Message signed with OpenPGP

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev