[tor-dev] Proposal 190: Password-based Bridge Client Authorization
Robert Ransom
rransom.8774 at gmail.com
Fri Nov 4 19:41:00 UTC 2011

On 2011-11-04, Robert Ransom <rransom.8774 at gmail.com> wrote:
> On 2011-11-04, George Kadianakis <desnacked at gmail.com> wrote:
>> To avoid problems associated with the human condition, schemes
>> based on public key cryptography and certificates can be used. A
>> public and well tested protocol that can be used as the basis of a
>> future authorization scheme is the SSH "publickey" authorization
>> protocol.
>
> Secret keys for DSA (with a fixed group) and EC-based signature
> schemes can be short enough to be fairly easy to transport. Secret
> keys for RSA are a PITA to transport, unless you either (a) specify a
> deterministic key-generation procedure, or (b) make the public key
> available to all clients somehow, and provide enough information to
> clients intended to access a bridge that the client can factor the
> modulus efficiently.

Um. On second thought, this is just freaking ridiculous (especially
my paragraph). We don't want each client to have to generate a
public-key authentication keypair and send its public key to the
bridge in advance; that would be a nightmare to implement with our
current bridge infrastructure.

So the only sensible way to use public-key authentication seems to be
to give the same secret key to every authorized client (i.e.
distribute it like a password) (see Telex), and then we might as well
use a (shorter) shared-secret password (unless we need magic features
of a specific cryptosystem like the ‘public-key steganography’ used in
Telex).

Robert Ransom