[tor-dev] sketch: An alternative prop224 authentication mechanism based on curve25519

David Goulet dgoulet at ev0ke.net
Thu Nov 17 22:20:01 UTC 2016


On 18 Nov (08:27:53), teor wrote:
> 
> > On 18 Nov. 2016, at 03:52, David Goulet <dgoulet at ev0ke.net> wrote:
> > 
> >> 
> >> I ended up using the x25519 scheme described above by Nick.
> >> 
> >> I also ended up dodging the UX questions raised on this thread, by only
> >> specifying the Tor protocol level details, and leaving the out-of-band
> >> HS<->client protocol mostly unspecified. I believe that this out-of-band
> >> protocol and configuration details can be figured out in the future, and
> >> we should not block on them right now.
> > 
> > Yes, I believe this is fine. Note that tor-keygen tool is getting another
> > _very_ important use case here that is the key generation on client side.
> 
> The tor-keygen tool is not currently included in the Tor Browser bundle.
> So we would have to add it (or provide an alternate method) for Tor Browser
> users.

It also does not really exists :). But we have a ticket for it and it's
very important also for HS offline keys!

And yes, I like you idea that TBB should have it included coupled with a
nice UI for HS auth.

Cheers!
David

> T
> 
> -- 
> Tim Wilson-Brown (teor)
> 
> teor2345 at gmail dot com
> PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
> ricochet:ekmygaiu4rzgsk6n
> xmpp: teor at torproject dot org
> ------------------------------------------------------------------------
> 
> 
> 
> _______________________________________________
> tor-dev mailing list
> tor-dev at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 585 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20161117/99df6efd/attachment.sig>


More information about the tor-dev mailing list