[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] HS v3 client authorization types

To: Ian Goldberg <iang@xxxxxxxxxxxxxxx>, tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-dev] HS v3 client authorization types
From: George Kadianakis <desnacked@xxxxxxxxxx>
Date: Fri, 18 May 2018 19:03:09 +0300
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 18 May 2018 12:03:36 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak; t=1526659398; bh=pcNP7bruHvLOvJTW9zT+eeJDAN6pg8QTvQVsK14dB8k=; h=From:To:Subject:In-Reply-To:References:Date:From; b=DVpEcIvl9+39YgnmAUPZHzQfFoR/bQCsFoJsR4oxkog8+ZdWSmlYCu7ysHpDHGNHL MSW3tF2ug6qKFK4Vlvfp891zcOjf3rG1gx/yvf6O0kHeAGiaueZ1a0sHpieHHVTwSE RXSrLDmFI/rM/npdFPiz48jHSnB1DaTAhFe59izs=
In-reply-to: <20180514143817.GB24239@cs.uwaterloo.ca>
List-archive: <http://lists.torproject.org/pipermail/tor-dev/>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
References: <2481d781-904c-c967-de69-db40060d9c9d@gmail.com> <86y3h8l621.fsf@atlantis.meejah.ca> <53B585EE-002B-4BD9-9878-C3BF8117825B@gmail.com> <830d964a-d1c8-3719-0787-3d42405dc645@gmail.com> <87efiukpjr.fsf@riseup.net> <871seljjqc.fsf@riseup.net> <5cd3ddc8-c1c7-287c-cfea-7bbc825af55c@gmail.com> <20180514143817.GB24239@cs.uwaterloo.ca>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>

Ian Goldberg <iang@xxxxxxxxxxxxxxx> writes:

> On Thu, May 10, 2018 at 12:20:05AM +0700, Suphanat Chunhapanya wrote:
>> On 05/09/2018 03:50 PM, George Kadianakis wrote:
>> > b) We might also want to look into XEdDSA and see if we can potentially
>> >    use the same keypair for both intro auth (ed25519) and desc auth
>> (x25519).
>> 
>> This will be a great advantage if we can do that because putting two
>> private keys in the HidServAuth is so frustrating.
>
> The private key for intro auth is used to make a signature (that will be
> different per client), while the private key for desc auth is used to
> decrypt the descriptor (which will be the same for all clients), no?
>

Hm. Both intro auth and desc auth keys are different for each client. In
the case of desc auth we do that so that we can revoke a client without
needing to refresh desc auth keys for all other clients.
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

References:
- Re: [tor-dev] HS v3 client authorization types
  - From: George Kadianakis
- Re: [tor-dev] HS v3 client authorization types
  - From: George Kadianakis
- Re: [tor-dev] HS v3 client authorization types
  - From: Suphanat Chunhapanya
- Re: [tor-dev] HS v3 client authorization types
  - From: Ian Goldberg

Prev by Author: Re: [tor-dev] DNS-over-HTTPS (DOH) in Firefox/Torbrowser
Next by Author: Re: [tor-dev] HS v3 client authorization types
Previous by thread: Re: [tor-dev] HS v3 client authorization types
Next by thread: Re: [tor-dev] connectivity failure for top 100 relays
Index(es):
- Author
- Thread