Delivery-Date: Mon, 30 Jun 2014 10:11:43 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-3.6 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	FREEMAIL_FROM,LOTS_OF_MONEY,RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,T_DKIM_INVALID,
	URI_HEX autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id D6A941E08BB
	for <archiver@seul.org>; Mon, 30 Jun 2014 10:11:40 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 6CF192C439;
	Mon, 30 Jun 2014 14:11:37 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 221D92C2D0
 for <tor-talk@lists.torproject.org>; Mon, 30 Jun 2014 14:07:52 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at eugeni.torproject.org
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id Nw7auAbcrPJY for <tor-talk@lists.torproject.org>;
 Mon, 30 Jun 2014 14:07:52 +0000 (UTC)
X-Greylist: delayed 551 seconds by postgrey-1.34 at eugeni;
 Mon, 30 Jun 2014 14:07:51 UTC
Received: from smtp-01-out.s.azet.sk (smtp-09-out.s.azet.sk [91.235.53.34])
 by eugeni.torproject.org (Postfix) with ESMTP id DF9452C28A
 for <tor-talk@lists.torproject.org>; Mon, 30 Jun 2014 14:07:51 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=azet.sk; s=azet;
 t=1404136717; bh=0nkKZcoJx74wcsLhIUEBHZgEpuZHgk7+jivM8OtGmjw=;
 h=Date:From:To:Subject:From;
 b=KOTifDLc3LxVSoxtJmsW4WQJItsJ1pPR9FzpkImBXFwyMeWQwSGSezTytZI7KetIs
 vLnNorpyatdv0Nh4+EOB5j7/w71vFUJpiSW58ODkbhYLvGqfdbnFV7Q4KQ2iDY06lu
 V8VKitKiudGD2DU8JPN39GG9FUgAlpFN09uDw/kQ=
X-Virus-Scanned: by AntiSpam at azet.sk
Received: from [0.0.0.0] (tor20.anonymizer.ccc.de [31.172.30.3])
 (Authenticated sender: fedor.brunner@azet.sk)
 by smtp.azet.sk (Postfix) with ESMTPA id 4772A67
 for <tor-talk@lists.torproject.org>; Mon, 30 Jun 2014 15:58:31 +0200 (CEST)
X-SenderID: Sendmail Sender-ID Filter v1.0.0 smtp.azet.sk 4772A67
Authentication-Results: smtp.azet.sk; sender-id=fail (NotPermitted)
 header.from=fedor.brunner@azet.sk; auth=pass (PLAIN);
 spf=fail (NotPermitted) smtp.mfrom=fedor.brunner@azet.sk
Message-ID: <53B16D06.50701@azet.sk>
Date: Mon, 30 Jun 2014 15:58:30 +0200
From: Fedor Brunner <fedor.brunner@azet.sk>
MIME-Version: 1.0
To: tor-talk@lists.torproject.org
Subject: [tor-talk] Hidden service 1024-bit
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512



The TOR Hidden service uses 1024-bit long-term RSA key.

According to this document it appears possible to break a 1024-bit RSA
key in one year using a device whose cost is about $10M

http://www.tau.ac.il/~tromer/papers/cbtwirl.pdf

According to "FactHacks: RSA factorization in the real world" any
1024-bit key can be factored in 2^80 operations by NFS (number-field
sieve).
http://cr.yp.to/talks/2012.12.28/slides.pdf

Feasible today for botnets and for large organizations.
Will become feasible for more attackers as chips become cheaper.

Is is possible to replace the 1024-bit RSA key in Hidden Services with
a longer key? Or is it possible to replace it with Ed25519 ?

http://ed25519.cr.yp.to/

Fedor


-----BEGIN PGP SIGNATURE-----

iQJ8BAEBCgBmBQJTsW0GXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ4QkVFQ0NBRDcyNzU1RTk2RTQwMzlEQjc2
RTE3NDA5NTQwNTY2M0FEAAoJEG4XQJVAVmOt/x4P/1mbRivkxUNW0RCLBAtol9oN
5WWoPR9Zi4o+6k+xP7SZdi29PHPnSHYnPKzBF0mnNr9dz8ETUioSntREtj+7Y5JO
wsmkT+TIapyvWY2rEijCCMvEMnKtvxbvIoSUpUYukZeRlJpm1ECw+GvmwdXvArnY
YUowSjrZx5zlYX4XK8gZ5/i+R1VxByHsfGKj/h3ByhrIRRl4swzbglnnjFPZV17y
x9ZgmcSeXPr4Z5QEIghJvi+rbTRGjJaj8/a/pjk9nWL/glm4y/uCgfg0/OrMYqwR
DRgWuQ2ovef0FdBTGzc0DH3RJhPWEFZX/+zDlkRk5N8J5K1jm3mFwTy7xq1jCrWV
BPZgI6uh2kyQ5DFLEznxKJstKsNdNnWCcmZn+PIybuoNhwK3lWpgJwV7kPApWEKU
mU8h2OvplxjzeI3fOL7rx26OjvFdjYkEhUMp/LjpvrXsqtXOo9+7H7ub4dBacycS
1wtaN87tqvSb+QVBEDykE6WAG+pOpSdENO0BE4pbES9e0et8yqCQOSOZWol4gOxZ
nl/ZlQULWRAODv39TvE2+aYgZGVaH1eivxGGQ/EuTesLIF/vLRbBqjjrEM2NO4G5
PTbDp9U8m/KHnJoK3+5vrCP5EgnQ/KK5bV1vFGtN6D5CH+f8nz/u4WA9nRKcD0Pj
OHYbJEeqZ73tMHjxf4RH
=7fgV
-----END PGP SIGNATURE-----
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

