[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Proposal 190: Password-based Bridge Client Authorization

To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-dev] Proposal 190: Password-based Bridge Client Authorization
From: Robert Ransom <rransom.8774@xxxxxxxxx>
Date: Fri, 4 Nov 2011 19:41:00 +0000
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 04 Nov 2011 15:41:14 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type:content-transfer-encoding; bh=5xfH6tI//GG35FXtAzyQhy4Zqb6Jj/DrQsniT+hZwkE=; b=c84VuosH7wSAaRF9QLhi615hI0tEJ7Csr15fIhS/jYkMolHLjiKe9m+cdS3Y3I3O5p 3kx2Re5t08xjTTyqHXmZQJy5sWCevKDQgwC6jwWQd+9Tce99cwYYAnIf222ttg7JabFF YDKnybrP6XKWkwIdogfDBwQsEWFMC3oDwJ6uM=
In-reply-to: <CABqy+sqqToj+QdAsmNeJ_SSy0hTpF1aaBMTmT175b1z7gfbW2w@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-dev>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for discussion by the developers of Tor." <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
References: <87obwrg56f.fsf@xxxxxxxxxx> <CABqy+sqqToj+QdAsmNeJ_SSy0hTpF1aaBMTmT175b1z7gfbW2w@xxxxxxxxxxxxxx>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx

On 2011-11-04, Robert Ransom <rransom.8774@xxxxxxxxx> wrote:
> On 2011-11-04, George Kadianakis <desnacked@xxxxxxxxx> wrote:

>>    To avoid problems associated with the human condition, schemes
>>    based on public key cryptography and certificates can be used. A
>>    public and well tested protocol that can be used as the basis of a
>>    future authorization scheme is the SSH "publickey" authorization
>>    protocol.
>
> Secret keys for DSA (with a fixed group) and EC-based signature
> schemes can be short enough to be fairly easy to transport.  Secret
> keys for RSA are a PITA to transport, unless you either (a) specify a
> deterministic key-generation procedure, or (b) make the public key
> available to all clients somehow, and provide enough information to
> clients intended to access a bridge that the client can factor the
> modulus efficiently.

Um.  On second thought, this is just freaking ridiculous (especially
my paragraph).  We don't want each client to have to generate a
public-key authentication keypair and send its public key to the
bridge in advance; that would be a nightmare to implement with our
current bridge infrastructure.

So the only sensible ways to use public-key authentication seems to be
to give the same secret key to every authorized client (i.e.
distribute it like a password) (see Telex), and then we might as well
use a (shorter) shared-secret password (unless we need magic features
of a specific cryptosystem like the âpublic-key steganographyâ used in
Telex).

Robert Ransom
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Follow-Ups:
- Re: [tor-dev] Proposal 190: Password-based Bridge Client Authorization
  - From: George Kadianakis

References:
- [tor-dev] Proposal 190: Password-based Bridge Client Authorization
  - From: George Kadianakis
- Re: [tor-dev] Proposal 190: Password-based Bridge Client Authorization
  - From: Robert Ransom

Prev by Author: Re: [tor-dev] Proposal 190: Password-based Bridge Client Authorization
Next by Author: Re: [tor-dev] Proposal 189: AUTHORIZE and AUTHORIZED cells
Previous by thread: Re: [tor-dev] Proposal 190: Password-based Bridge Client Authorization
Next by thread: Re: [tor-dev] Proposal 190: Password-based Bridge Client Authorization
Index(es):
- Author
- Thread