[tor-talk] .onion name gen
Seth David Schoen
schoen at eff.org
Fri Mar 4 20:52:50 UTC 2016
Scfith Rise up writes:
> It _would_ be the same private key. Good luck with generating 1.2 septillion permutations (16^32).
This would be true if the public key were used directly as the onion name
(which might be possible in certain elliptic curve systems because keys
are so small).
But in this case, the onion name is calculated from a hash of the public
key, and the size of the hash is much smaller than the size of the
underlying pubkey (80 bits vs. 1024 bits). The pigeonhole principle
requires that many, many different pubkeys must have the same hash --
on average, about 2⁹⁴⁴ pubkeys would have the same hash. When you
get a perfect collision from scallion, after doing that 2⁸⁰ work
(analogous to about 11 days of entire work of the Bitcoin network --
which you can think of as surprisingly much or surprisingly little work),
you're still astronomically unlikely to have the same private key!
--
Seth Schoen <schoen at eff.org>
Senior Staff Technologist https://www.eff.org/
Electronic Frontier Foundation https://www.eff.org/join
815 Eddy Street, San Francisco, CA 94109 +1 415 436 9333 x107
More information about the tor-talk
mailing list