[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Discussion on the crypto migration plan of the identity keys of Hidden Services

To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-dev] Discussion on the crypto migration plan of the identity keys of Hidden Services
From: David Vorick <david.vorick@xxxxxxxxx>
Date: Fri, 17 May 2013 11:29:44 -0400
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 17 May 2013 11:29:59 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:x-received:in-reply-to:references:date:message-id :subject:from:to:content-type; bh=Bx3woz5RWz4g8RMMWiox06PtNXevrtv+rsABcls+nZc=; b=AuvCoO3ZEuys8aGTJJZozrxUfs7vcSb7LfBh4/v1tN+USJeVP23/OOtCv5AIDrngjX kMjjSYAM+jUash0/nR4Tj+ysK0CeAwP4l7InaPidG04mD8clVFbiQKSuid6DmwWwaZW6 oLLjOKaLB+k2mhlvBkG4MhMj76cyptaPMrayhMzisSyN2ghDm7kRg5jXpHw1bhO9JRBX O5IAxmC96/pvLm/hS46jXu2rdKUflY3H+GngS1Xe62mhfGu2+jhL7kSSfnIS47EamrLw yBdVNCjC7qxQJgNaVSFJnjQkxZKNkmF+BYoGUffWmxd/AFfjtjIs66CsAoPMpDIoer/Y SPZA==
In-reply-to: <5196481D.90207@xxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-dev>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
References: <1ce4ad2adaab4af523c4be2419e9c5df.squirrel@xxxxxxxxxxxxxxxxxxxxx> <5196481D.90207@xxxxxxxxxx>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx

Why are so many bits necessary? Isn't 128bits technically safe against brute force? At 256 bits you are pretty much safe from any volume of computational power that one could fathom within this century. The only real danger is a new computational model that is nondeterministic or something crazy like that. I feel like what exists currently (from a quantity of bits standpoint) is more than sufficient.

On Fri, May 17, 2013 at 11:09 AM, adrelanos <adrelanos@xxxxxxxxxx> wrote:

George Kadianakis:
> Thoughts?

Can you make .onion domains really long and therefor really safe against
brute force?

Or have an option for maximum key length and a weaker default if common
CPU's are still too slow? I mean, if you want to make 2048 bit keys the
default because you feel most hidden services have CPU's which are too
slow for 4096 bit keys, then use 2048 bit as default with an option to
use the max. of 4096 bit.

Bonus point: Can you make the new implementation support less painful
updates (anyone or everyone) when the next update will be required?
(forward compatibility)
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Follow-Ups:
- Re: [tor-dev] Discussion on the crypto migration plan of the identity keys of Hidden Services
  - From: adrelanos
- Re: [tor-dev] Discussion on the crypto migration plan of the identity keys of Hidden Services
  - From: Gordon Morehouse
- Re: [tor-dev] Discussion on the crypto migration plan of the identity keys of Hidden Services
  - From: Nick Mathewson
- Re: [tor-dev] Discussion on the crypto migration plan of the identity keys of Hidden Services
  - From: Zack Weinberg

References:
- [tor-dev] Discussion on the crypto migration plan of the identity keys of Hidden Services
  - From: George Kadianakis
- Re: [tor-dev] Discussion on the crypto migration plan of the identity keys of Hidden Services
  - From: adrelanos

Prev by Author: Re: [tor-dev] Building better pluggable transports - GSoC 2013 project
Next by Author: Re: [tor-dev] SQLSupport
Previous by thread: Re: [tor-dev] Discussion on the crypto migration plan of the identity keys of Hidden Services
Next by thread: Re: [tor-dev] Discussion on the crypto migration plan of the identity keys of Hidden Services
Index(es):
- Author
- Thread