Delivery-Date: Mon, 14 Jul 2014 18:42:30 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.9 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED,
	RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id F33901E0AF2
	for <archiver@seul.org>; Mon, 14 Jul 2014 18:42:27 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 7C75D300BD;
	Mon, 14 Jul 2014 22:42:27 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id B5E122FF59
 for <tor-talk@lists.torproject.org>; Mon, 14 Jul 2014 22:29:33 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at eugeni.torproject.org
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id HBEfe0ytHlfU for <tor-talk@lists.torproject.org>;
 Mon, 14 Jul 2014 22:29:33 +0000 (UTC)
Received: from patternsinthevoid.net (greyarea.patternsinthevoid.net
 [106.187.37.158])
 by eugeni.torproject.org (Postfix) with ESMTP id 3BDB52FF42
 for <tor-talk@lists.torproject.org>; Mon, 14 Jul 2014 22:29:33 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by patternsinthevoid.net (Postfix) with ESMTP id 2298C3A1415;
 Mon, 14 Jul 2014 22:29:29 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at patternsinthevoid.net
Received: from patternsinthevoid.net ([127.0.0.1])
 by localhost (greyarea.patternsinthevoid.net [127.0.0.1]) (amavisd-new,
 port 10024)
 with ESMTP id Vxve2BCprRO6; Mon, 14 Jul 2014 22:29:23 +0000 (UTC)
Date: Mon, 14 Jul 2014 22:29:17 +0000
From: isis <isis@torproject.org>
To: liberationtech <liberationtech@lists.stanford.edu>,
 cypherpunks@cpunks.org, tor-talk@lists.torproject.org
Message-ID: <20140714222917.GE5119@patternsinthevoid.net>
Mail-Followup-To: liberationtech <liberationtech@lists.stanford.edu>,
 cypherpunks@cpunks.org, Seth David Schoen <schoen@eff.org>
References: <20140704145641.GP26986@leitl.org>
 <20140704213623.GA8586@patternsinthevoid.net>
 <20140705035926.GA12960@localhost> <20140705190820.7faddb9c@natsu>
 <EC442E57-306F-42B0-96FB-56C0303AED78@sebastianhahn.net>
 <20140708123655.GB9691@patternsinthevoid.net>
 <20140708194203.GV10613@sescenties.(null)>
MIME-Version: 1.0
In-Reply-To: <20140708194203.GV10613@sescenties.(null)>
X-GPG-Public-Key-URL: https://blog.patternsinthevoid.net/isis.txt
X-Louis-Lingg: In this hope do I say to you I despise you. I despise your
 order, your laws, your force-propped authority. Hang me for it!
Subject: Re: [tor-talk] [liberationtech]  messing with XKeyScore
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============1253479772458046472=="
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>


--===============1253479772458046472==
Content-Type: multipart/signed; micalg=pgp-sha512;
	protocol="application/pgp-signature"; boundary="XuV1QlJbYrcVoo+x"
Content-Disposition: inline


--XuV1QlJbYrcVoo+x
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Seth David Schoen transcribed 3.2K bytes:
> isis writes:
>=20
> > TorLauncher is smart about this, and if a bridge line (such as this one)
> > doesn't start with "Bridge", then TorLauncher rewrites the line before =
adding
> > it to the user's torrc file:
> >=20
> > Bridge obfs4 1.2.3.4:11111 abcdef0123456789abcdef0123456789abcdef01 sek=
rit=3Dfu,password=3Dbar
> >=20
> > The same obviously happens when configuring bridges in Tails, because T=
ails
> > now uses TorLauncher. The biggest problem we've seen here is that users=
 cannot
> > correctly/accurately type a bridge's fingerprint.
>=20
> Ahoy Isis,
>=20
> I've seen some protocols that write hashes as sequences of
> natural-language words.  I guess the oldest one is
>=20
> https://en.wikipedia.org/wiki/PGP_word_list


Yep, the idea is pretty old. A variant of it was even written up into
RFC1751 in 1994. [0] That one is already in the pycrypto module, [1]
at `Crypto.Util.RFC1751`. It encoded a fingerprint into 30 words with
maximal length of 4 characters each:

>>> from Crypto.Util import RFC1751
>>> encoded =3D RFC1751.key_to_english('c0f30b8a1ab2b4c9c2242b1b6cda9688c01=
462f8')
>>> encoded
'CANT FLUB GLOB BURN LEA OW PA COD GLEN NILE WRY HUNT CANT GUSH GLOW CENT L=
AM LOFT RAP HO GYP DENY CARL HUE CANT FIVE ANNA CREW LYE HUG'
>>> decoded =3D RFC1751.english_to_key(enc)
>>> decoded
'c0f30b8a1ab2b4c9c2242b1b6cda9688c01462f8'
>>> len(encoded.split(' '))
30

> but there are newer things, including the ones at
>=20
> https://en.wikipedia.org/wiki/PGP_word_list#Other_word_lists_for_data
>=20


FWIW, Leif's Bananaphone (SSH-over-Markov-Chains) tool [2] would also
work for this purpose, also more efficiently than Zimmermann's PGP
wordlist; I was able to get an encoded fingerprint easily down to 28
words, each word between 2-7 characters:

=E2=88=83!isis=E2=92=B6wintermute:~ =E2=88=B4 egrep -x '\w{2,7}' /usr/share=
/dict/words > fingerprint-corpus.txt
=E2=88=83!isis=E2=92=B6wintermute:~ =E2=88=B4 wc -l fingerprint-corpus.txt
31082 fingerprint-corpus.txt
=E2=88=83!isis=E2=92=B6wintermute:~ =E2=88=B4 du -sh fingerprint-corpus.txt
212K    fingerprint-corpus.txt
=E2=88=83!isis=E2=92=B6wintermute:~ =E2=88=B4 XZ_OPT=3D-9 tar cJf corpus.tx=
t.tar.xz fingerprint-corpus.txt
=E2=88=83!isis=E2=92=B6wintermute:~ =E2=88=B4 du -sh corpus.txt.tar.xz
56K     corpus.txt.tar.xz
=E2=88=83!isis=E2=92=B6wintermute:(master>)~/code/torproject/bananaphone =
=E2=88=B4 \
  echo -n 'c0f30b8a1ab2b4c9c2242b1b6cda9688c01462f8' | \
  python bananaphone.py pipeline \
  'rh_encoder("words,sha1,12", "random", "../../../fingerprint-corpus.txt")=
' > test1
=E2=88=83!isis=E2=92=B6wintermute:(master>)~/code/torproject/bananaphone =
=E2=88=B4 cat test1
beach pint heard phases Gallo giblet remands hares hiccups enlarge hates Po=
und Eisner unblock leakage lowdown desists prickly kilns motion tikes salti=
er cosiest incrust rarity Ulster wallops
=E2=88=83!isis=E2=92=B6wintermute:(master>)~/code/torproject/bananaphone =
=E2=88=B4 cat test1 | \
  python ./banaphone.py pipeline 'rh_decoder("words,sha1,12")'
c0f30b8a1ab2b4c9c2242b1b6cda9688c01462f8

An additional benefit to using Bananaphone would be that it doesn't
require the client-side (the TorLauncher side) to have the corpus (the
`fingerprint-corpus.txt` file, in the above example). Also, because of
this, BridgeDB could easily use Spanish, Arabic, etc. corpuses for
users who are perhaps unfamiliar with English words.

This, however, would mean that we'd need Banaphone written in JS.


> and also whatever Moxie is using for the Redphone fingerprint
> verification.  Is there any prospect of giving users the option to
> represent the bridge fingerprint that way?

This is a great idea.

The un-translation of the encoded fingerprint would likely need to
happen in either little-t tor or in TorLauncher.

I'm willing to take a patch to BridgeDB's UI templates to optionally
encode the fingerprint as a list of words, though I would prefer the
default display to give the actual fingerprint.

And I spoke briefly to Mike Perry about the possibility of including
such a decoder in TorLauncher. Mike said he's willing to merge the
patches, but unwilling to force the Pearl Crescent hackers (who
wrote/maintain TorLauncher) to use their time implementing this.

There is the possibility that, in the future, one of Tor's regular
funders will be sponsoring a thing called "Tor Challenge", which is
where Tor Project people point at small projects which require less
expertise yet which they would really like to see done, then someone
wanting to help out comes along and does whatever that small project
is and gets to collect the funding allotted to that Challenge. I'd
gladly add this to my list of things I want done.

> Or maybe adding a checksum field calculated as the first byte of the
> SHA512 of the fingerprint?

Also an interesting idea. But what if they type the checksum wrong?

> --
> Seth Schoen  <schoen@eff.org>
> Senior Staff Technologist                       https://www.eff.org/
> Electronic Frontier Foundation                  https://www.eff.org/join
> 815 Eddy Street, San Francisco, CA  94109       +1 415 436 9333 x107     =
                                                                           =
                         =20


[0]: https://tools.ietf.org/html/rfc1751
[1]: https://pypi.python.org/pypi/pycrypto
[2]: https://github.com/isislovecruft/bananaphone

--=20
 =E2=99=A5=E2=92=B6 isis agora lovecruft
_________________________________________________________
GPG: 4096R/A3ADB67A2CDB8B35
Current Keys: https://blog.patternsinthevoid.net/isis.txt

--XuV1QlJbYrcVoo+x
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature

-----BEGIN PGP SIGNATURE-----

iQMhBAEBCgELBQJTxFm9BYMB4TOAVhSAAAAAACUAKGlzaXMrc2lnbnN1YmtleUBw
YXR0ZXJuc2ludGhldm9pZC5uZXRGQzYzQUE1Q0QxOTM4NjlDMzIzNzE0NUE1QzE3
Nzc2RTI3RjdFODRESxSAAAAAABoAKGlzaXNAcGF0dGVybnNpbnRoZXZvaWQubmV0
MEE2QTU4QTE0QjU5NDZBQkRFMThFMjA3QTNBREI2N0EyQ0RCOEIzNS4aaHR0cHM6
Ly9ibG9nLnBhdHRlcm5zaW50aGV2b2lkLm5ldC9wb2xpY3kudHh0LJhodHRwczov
L2Jsb2cucGF0dGVybnNpbnRoZXZvaWQubmV0L2lzaXMudHh0AAoJEFwXd24n9+hN
2oIP/00pknEmC07I7cGwvscke1wr5OoctE9Nxw4vy/6xngqCCYQhw0CqgruGpT8b
9zZL1BIJS5byNgym2ip4+vw/8IOKpzH0/hk1GadPWDMW0FaGnAjyv9IDTz4/C5iB
61inElO2raEz3kQF+Rerx1PKJYlzCbwyQb1E0ZfT2BMM+5DxbJMwJtbzMoOCggeC
MTXgs2Gh5pbz/j3M1wPED+/AYzXNGXOi3HPYuKWybAnP1wDVvNbQCO3qSiH0YjeG
vsxosfOecujq9iVpCMrUuN8hSHITIfWrXhCtWbewvNqk39az9HJL3YNpr/NLYohY
VdcvU7qoiFv1HUQFBKtIKzsjmAIOTn0TpDg5G+9/riTXX4LqBtgSYpj9k04Pj2FY
O7btPvL5iJVOz8B7DcgSEs5aMvTc1ijQlw+TiOfWRzIIrRVy5xjbFP3SlZFIUyZG
5L0baBvnpzYMHDmNk/CHw1ALhnKgv9uaN7wvaibFWGmlQM/aTYNatbM7fSGtK7iB
U6aHahHzqQCY7cGLnXJJdQNLf1NoidFu9tH4Tf00qdoJ49dZAYf0E1eBOhooYury
+O3VDb5VYpVfl9B2T58ZJfusT5X1XfAV5xQmodmwClovgsM4yPVUglWPKCcH2zs/
Gg/MNWAHQLCUhgbCqRmpD4c8KyB69QAJBPuHkOJWHLlfT0zm
=RKZ0
-----END PGP SIGNATURE-----

--XuV1QlJbYrcVoo+x--

--===============1253479772458046472==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

--===============1253479772458046472==--

