[tor-bugs] #8106 [Tor]: Make .onion addresses harder to harvest by directory servers
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Jun 7 16:10:14 UTC 2013
#8106: Make .onion addresses harder to harvest by directory servers
-----------------------------+----------------------------------------------
Reporter: asn | Owner:
Type: defect | Status: new
Priority: major | Milestone: Tor: 0.2.5.x-final
Component: Tor | Version:
Keywords: SponsorZ tor-hs | Parent:
Points: | Actualpoints:
-----------------------------+----------------------------------------------
Comment(by hyperelliptic):
> I said explicitly in comment:13, before your first comment here, that
the blinded base point is part of the blinded public key:
>
> > In Ed25519, the public key is `A`. In my blinded-public-key variant of
Ed25519, the blinded public key is `(HB(nonce, B, A)*B, HB(nonce, B,
A)*A)`.
>
If you meant this to say that the .onion address is the concatenation of
the 2 x-coordinates than the easy reply to "I realize that you can
bootstrap from this by including Bprime in the storage location so that
the real data and the attack data get written to different places, but
then you suddendly have twice the length." in
https://trac.torproject.org/projects/tor/ticket/8106?replyto=22#comment:16
would be to say that you in fact accept the double length.
In any case, double-length .onion addreses or a broken scheme are pretty
"legitimate reasons for concern".
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8106#comment:23>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list