<p><br>
On Jan 14, 2012 8:55 AM, "Ian Goldberg" <<a href="mailto:iang@cs.uwaterloo.ca">iang@cs.uwaterloo.ca</a>> wrote:<br>
><br>
> On Fri, Jan 13, 2012 at 08:18:06PM -0600, Watson Ladd wrote:<br>
> > Dear all,<br>
> > After thinking hard about the issues involved with new cryptography in<br>
> > Tor I came to the following idea for a somewhat reasonable upgrade<br>
> > path for OP's and OR's that preserves everyone's privacy and security<br>
> > at all points (to the extent that this is possible: new connections<br>
> > are by new clients). The only issue is what actually goes out on the<br>
> > wire needs to be though through.<br>
> ><br>
> > First note that the connection between the identity used to ensure<br>
> > EXTEND cells go over canonical connections and the keys actually<br>
> > presented by two OR's that have formed a connection can be pretty much<br>
> > arbitrary: it isn't necessary for the client to know what it is. So we<br>
> > could have each OR have an identity key that stays 1024 bit RSA for<br>
> > old ORs while newer ORs trust some snazzy new elliptic curve key,<br>
> > while using the same 1024 bits to form the identity. Note that if we<br>
> > use elliptic curves to secure the endpoints,(and don't mind<br>
> > incompatibility with old clients) the RSA key doesn't even need to be<br>
> > an RSA key.<br>
><br>
> I'm not sure what you're saying in this last line. Are you saying that<br>
> the crypto uses the snazzy EC key, and the 1024-bit identity key is now<br>
> just an arbitrary 1024-bit string? That doesn't seem secure to me:<br>
> another OR can just publish that same string, along with its own snazzy<br>
> keys?<br>
Good catch: the identities in this scheme must remained tied to the RSA key, which I think has to be the case to support all clients. Changing that will be a flag day.<br>
><br>
> - Ian<br>
> _______________________________________________<br>
> tor-dev mailing list<br>
> <a href="mailto:tor-dev@lists.torproject.org">tor-dev@lists.torproject.org</a><br>
> <a href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev">https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev</a><br>
</p>