George Kadianakis desnacked@riseup.net writes:
Greetz,
I'm posting the draft of a proposal that specifies how to upgrade the identity keys of HSes (currently RSA-1024) to use Ed25519.
This proposal is supposed to go along with a proposal that specifies how to hide HS descriptors from HSDirs. I'm going to post that second proposal in a few minutes.
This proposal is incredibly drafty in the sense that I might have forgotten to specify things that need to be specified. On the other hand, "release early; release often" they say, so here it goes.
Inlining:
Filename: xxx-hs-ecc-id-keys.txt Title: Migrate HS identity keys to Ed25519
<snip>
3.1.1. Generation of short-term ed25519 service keys
Hidden Services generate an ed25519 service key for each introduction point -- instead of the RSA-1024 key they currently generate.
Since we are upgrading the service keys, we might also need to upgrade the RELAY_COMMAND_ESTABLISH_INTRO cell so that it can carry the new service keys.
Maybe we can add a <key type> field to a new RELAY_COMMAND_ESTABLISH_INTRO_2 cell?
Or we can use the current cell type, but try to distinguish between old-style and new-style service keys.