[tor-project] Many bridges (22%) have nickname "ki"
Karsten Loesing
karsten at torproject.org
Tue Jan 10 08:22:01 UTC 2017
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On 09/01/17 21:59, isis agora lovecruft wrote:
> I've patched BridgeDB (#21162) and added a file to blacklist these
> bridges by fingerprint. However, looking at the onionoo results
> which David original pasted, the IP addresses are all different
> (10.x.x.x) in onionoo for the ki bridges. Perhaps something is
> wrong with onionoo's hashed-IP file thing?
Not a bug, a feature
(https://collector.torproject.org/#bridge-descriptors):
> IPv4 addresses are replaced with 10.x.x.x with x.x.x being the 3
> byte output of H(IP address | bridge identity | secret)[:3]. The
> input IP address is the 4-byte long binary representation of the
> bridge's current IP address. The bridge identity is the 20-byte
> long binary representation of the bridge's long-term identity
> fingerprint. The secret is a 31-byte long secure random string that
> changes once per month for all descriptors and statuses published
> in that month. H() is SHA-256. The [:3] operator means that we pick
> the 3 most significant bytes of the result.
All the best,
Karsten
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
iQEcBAEBCAAGBQJYdJmpAAoJEC3ESO/4X7XBu6cIAIa4viKRAxGqxCE7wZBavfjT
hZ+XfSkdC8MaEZsAy/cjYL0PAY6I1hmJV1epIZVgW1J72YGjRiaq+lXsRzeMC91H
1fx7p28OK4qEp4eTxaqTUQyZV2kdRtOnL60HCc4EhM2ayFTRwtvI5RRmFNitwt0E
o5MQE1fF6OVMoQ6K9VYi9XRzusXsTLx6S/gGWnjjc7iBXDUyaJ9zeHK2HywUn2n+
SWVG05E9aLjj37sFz+FRouAkcl6+combaLGBC8qzCG03fjM7vInZyXRuB8Wh1f+E
bXfK1dlWVN1uJcNQIUkOvg/4RsVUCjMxPqr1+1XwUZdOa+Epy4WVWvnBfPgWBH4=
=Tclw
-----END PGP SIGNATURE-----
More information about the tor-project
mailing list