Publishing sanitized bridge pool assignments

Karsten Loesing karsten.loesing at gmx.net
Mon Jan 31 20:52:28 UTC 2011


On Mon, Jan 31, 2011 at 03:03:57PM -0500, Ian Goldberg wrote:
> On Mon, Jan 31, 2011 at 08:37:00PM +0100, Karsten Loesing wrote:
> > Here's a sample bridge pool assignment from September 2010 that is
> > sanitized as described above (all IP addresses set to 127.0.0.1, contained
> > fingerprints are SHA-1 hashes of the original fingerprints):
> > 
> >   http://freehaven.net/~karsten/volatile/bridge-pool-assignment-sample
> > 
> > This sample is there, so that everyone gets a better idea of what is meant
> > by a bridge pool assignment.  Does anyone object to publishing tarballs of
> > these sanitized bridge pool assignments on the metrics website, so that we
> > (and anyone else) can analyze them?
> 
> Is there enough entropy in the things you're hashing to prevent
> reversing the hash?

Well, I guess so.  We're hashing the bridge identity fingerprints.  From
dir-spec.txt:

    "fingerprint" fingerprint NL

       [At most once]

       A fingerprint (a HASH_LEN-byte of asn1 encoded public key, encoded in
       hex, with a single space after every 4 characters) for this router's
       identity key.

Does this mean we're safe here?

Thanks,
Karsten



More information about the tor-dev mailing list