Delivery-Date: Thu, 30 Oct 2014 22:34:48 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,T_DKIM_INVALID autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 20D071E0C64;
	Thu, 30 Oct 2014 22:34:47 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 245E731814;
	Fri, 31 Oct 2014 02:34:39 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 6CF2A3107C
 for <tor-talk@lists.torproject.org>; Fri, 31 Oct 2014 02:34:27 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at eugeni.torproject.org
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id fRrZ59jN6j_Y for <tor-talk@lists.torproject.org>;
 Fri, 31 Oct 2014 02:34:27 +0000 (UTC)
Received: from mail.bitmessage.ch (mail.bitmessage.ch [146.228.112.252])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by eugeni.torproject.org (Postfix) with ESMTPS id E8E4C31238
 for <tor-talk@lists.torproject.org>; Fri, 31 Oct 2014 02:34:25 +0000 (UTC)
dkim-signature: v=1; a=rsa-sha256; d=bitmessage.ch; s=mail;
 c=relaxed/relaxed; q=dns/txt;
 h=From:Subject:Date:Message-ID:To:MIME-Version:Content-Type:Content-Transfer-Encoding:In-Reply-To:References;
 bh=nGi08A+sZ4i77wbvswTXHci3C+iFn1fUdInbHpq9HOY=;
 b=ZQYg5aGp9Y3jOvY2LThk0mk7mhKKqkMYZJK9fEio+iR7bZdDUqKFMQArbJYJhar0ozBDvkKimDx5fhTaq1zlMC11JP2ZpFgt+4R7eiUEhwW6cN+fJL7F4FnDlrJVtpzuImOC8m3LFUe5Io2Kz4ccL7ZFAcX18taRDkkHakXKE2M=
Received: from bitmailendavkbec.onion (BITMESSAGE [127.0.0.1])
 by mail.bitmessage.ch with ESMTPA ; Fri, 31 Oct 2014 03:33:31 +0100
X-Squirrel-UserHash: BiRDVQY7AmxBcHdjACEbPlZaKU1AdAJlCg4FFyk7NmtVSglQMikMDhEDFl1DWVZQagoG
X-Squirrel-FromHash: cw9eV1VeQx8=
Message-ID: <a46282a7e24f08598ab75c7d4b3e71c5.squirrel@bitmailendavkbec.onion>
In-Reply-To: <CAKDKvuz2403uV==DDRFOiv4JCaO17v7BsBpLDW1bY+z4ssAxWg@mail.gmail.com>
References: <a06cb37688824cd1b4472ff571155c90.squirrel@bitmailendavkbec.onion>
 <CAKDKvuz2403uV==DDRFOiv4JCaO17v7BsBpLDW1bY+z4ssAxWg@mail.gmail.com>
Date: Thu, 30 Oct 2014 19:33:31 -0700
From: BM-2cUqBqHFVDHuY34ZcpL3PNgkpLUEEer8ev@bitmessage.ch
To: tor-talk@lists.torproject.org
User-Agent: SquirrelMail/1.4.22
MIME-Version: 1.0
X-Priority: 3 (Normal)
Importance: Normal
Subject: Re: [tor-talk] Questions about crypto used in TAP/Ntor
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

Dear Nick,

I want to thank you very much for your clear and explicit answer. This is
what a transaparent and open-source project is all about. Thanks to people
with your attitude such communities go forward and grow in perfomance.

Obviously you were incomparable smarter (I don't have to say it, it can be
seen from 1 million miles) than our friend who had a feeling I am from the
NSA :) To be honest, I am just comparing the crypto primitives used in Tor
to the current standards from NIST, etc. I haven't asked anything which I
shouldn't know.

I have read the proposal, sounds way better than what we currently have.
Hope it will be active as soon as possible.

Maybe you get the chance to look into the Hidden Services (I know a
proposal exists there but couldn't find it) so that they will be more
secure, scalable and DoS resitant, including protecting the Hidden Service
Directories.

Again, thank you for your patience and explicit reply.

> On Thu, Oct 30, 2014 at 2:22 PM,
> <BM-2cUqBqHFVDHuY34ZcpL3PNgkpLUEEer8ev@bitmessage.ch> wrote:
>> Dear experts,
>>
>> Want to clarify some things:
>>
>> 1. The fignerprint of a Tor relay which is advertised in the direcotry
>> data is a SHA1 sum of which key? Sice now a relay has a secret onion key
>> and a secret key for Ntor.
>
> Neither one; it's a fingerprint of the identity key. (That's the one
> called "signing-key" in the descriptors.)  See section 1.1 of
> tor-spec.txt for a list of keys.
>
>> 2. The fingerprint (since it's a hash sum of the key) is what strengths
>> encryption between relays or clients and relays, kind of like a CA in
>> SSL?
>> That is why the directory authorities sign the list of fingereprints -
>> is
>> this correct?
>
> These identity key fingerprints are used to authenticate link
> encryption, to know you've done a TLS connection to the right node.
> They're used to sign all the other keys.
>
>> 3. How strong is Ntor compared to TAP? As I can see in latest Tor
>> version
>> now clients prefer Ntor by default - are there any plans to deprecate
>> TAP
>> in teh future?
>
> ntor is probably as strong as curve25519; TAP is probably as strong as
> dh1024. (So, ntor is probably far far stronger than TAP.)
>
> I'd like to deprecate TAP.  Some time in the next 2-8 months, for
> instance, I'd like to make authorities reject relays that don't
> support ntor.  That should be sufficient to stop clients running 0.2.4
> and later from having to use TAP.
>
>> 4. The fingerprint is a SHA1 hash, as described in the papers. Any plans
>> to move in the immediate future to a stronger hash algorithm, like
>> SHA256?
>
> I'm working on implementing proposal #220 right now, which migrates
> relay identities to (unhashed) Ed25519 keys.
>
> [tor-spec.txt]
> https://gitweb.torproject.org/torspec.git/blob_plain/HEAD:/tor-spec.txt
> [proposal 220]
> https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/220-ecc-id-keys.txt
> [implementation in progress]
> https://trac.torproject.org/projects/tor/ticket/12498
> --
> Nick
> --
> tor-talk mailing list - tor-talk@lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>



-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

