Date: Fri, 31 Oct 2014 13:02:34 +0000
From: Mike Cardwell <tor@lists.grepular.com>
To: tor-talk@lists.torproject.org
Message-ID: <20141031130234.GA6898@glue.grepular.com>
References: <20141031122302.GA5554@glue.grepular.com>
 <20141031125427.GQ35778@moria.seul.org>
MIME-Version: 1.0
In-Reply-To: <20141031125427.GQ35778@moria.seul.org>
Subject: Re: [tor-talk] Facebook brute forcing hidden services
Content-Type: multipart/mixed; boundary="===============5649600656692430453=="


--===============5649600656692430453==
Content-Type: multipart/signed; micalg=pgp-sha512;
	protocol="application/pgp-signature"; boundary="1yeeQ81UyVL57Vl7"
Content-Disposition: inline


--1yeeQ81UyVL57Vl7
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: 7bit

* on the Fri, Oct 31, 2014 at 08:54:27AM -0400, Roger Dingledine wrote:

>> https://www.facebook.com/notes/protect-the-graph/making-connections-to-facebook-more-secure/1526085754298237
>>
>> So Facebook have managed to brute force a hidden service key for:
>>
>> http://facebookcorewwwi.onion/
>>
>> If they have the resources to do that, what's to stop them brute
>> forcing a key for any other existing hidden service?
>
> I talked to them about this. The short answer is that they did the vanity
> name thing for the first half of it ("facebook"), which is only 40 bits
> so it's possible to generate keys over and over until you get some keys
> whose first 40 bits of the hash match the string you want.

Getting one ending "corewwwi" seems incredibly lucky to me. Did they tell
you how many keys they generated starting with "facebook" and how long it
took them?

-- 
Mike Cardwell  https://grepular.com https://emailprivacytester.com
OpenPGP Key    35BC AF1D 3AA2 1F84 3DC3   B0CF 70A5 F512 0018 461F
XMPP OTR Key   8924 B06A 7917 AAF3 DBB1   BF1B 295C 3C78 3EF1 46B4


--1yeeQ81UyVL57Vl7--

--===============5649600656692430453==--
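The work-factor argument in the quoted reply, as an added example that is not part of the original thread: a 16-character onion name of that era is the base32 form of the first 80 bits of a SHA-1 hash over the service's public key, so each fixed character costs 5 bits of search. The function names are hypothetical, and seeded random byte strings stand in for DER-encoded RSA public keys so the script runs offline.

```python
import base64
import hashlib
import random

ONION_BITS = 80      # truncated SHA-1 digest length behind a 16-character name
BITS_PER_CHAR = 5    # one base32 character encodes 5 bits


def onion_label(pubkey_der: bytes) -> str:
    """Name derivation: base32 of the first 80 bits of SHA-1(public key)."""
    digest = hashlib.sha1(pubkey_der).digest()
    return base64.b32encode(digest[:ONION_BITS // 8]).decode("ascii").lower()


def prefix_bits(prefix: str) -> int:
    """Number of hash bits pinned down by a chosen name prefix."""
    return BITS_PER_CHAR * len(prefix)


def expected_keys(prefix: str) -> int:
    """Average number of keys to generate before one matches the prefix."""
    return 2 ** prefix_bits(prefix)


def search(prefix: str, seed: int):
    """Toy search over constructed stand-in keys; returns (label, tries)."""
    rng = random.Random(seed)
    tries = 0
    while True:
        tries += 1
        fake_key = rng.getrandbits(1024).to_bytes(128, "big")  # constructed input
        label = onion_label(fake_key)
        if label.startswith(prefix):
            return label, tries


def mean_tries(prefix: str, runs: int) -> float:
    """Empirical average cost of the toy search over several seeds."""
    return sum(search(prefix, seed)[1] for seed in range(runs)) / runs


if __name__ == "__main__":
    print("2-char prefix, measured mean tries:", round(mean_tries("fb", 200)))
    print("2-char prefix, expected tries:     ", expected_keys("fb"))
    print("'facebook' (8 chars):   2^%d keys" % prefix_bits("facebook"))
    print("full name (16 chars):   2^%d keys" % prefix_bits("facebookcorewwwi"))
    ratio = expected_keys("facebookcorewwwi") // expected_keys("facebook")
    print("full name is 2^%d times harder than the prefix" % (ratio.bit_length() - 1))
```

Matching an existing service's complete name means fixing all 80 bits, which is 2^40 times the work of fixing the 40-bit "facebook" prefix.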

