[tbb-dev] Cloudflare's OPRFs

Jeff Burdges burdges at gnunet.org
Sun Dec 31 14:17:33 UTC 2017

I wrote to the Taler list <taler at gnu.org> about certificate concerns
with CloudFlare's OPRFs but never informed you guys. 

I'll re-edit the relevant email from 10 Nov 2017 below:

There are shades of a "bug door" in [CloudFlare's] no certificates
arguments :
- "The only thing edge to manage is a private scalar. No certificates."
- The edge's public key xG is "posted publicly [similar] to a
Certificate Transparency Log [and] "verifiable by all users and so the
deanonymization attack above would not be possible."

In other words, there is no plan for the Tor Project to control any
certificate authorizing the edge's public keys, ala an auditor key in
Taler.  There aren't even any promises made about any particular
certificate transparency scheme being employed to keep edges from
employing unique keys.  

I think their client software could track the public keys they see
themselves easily enough, but if different edge servers use different
keys then this becomes mostly useless.  If for example the transparency
log posts 256 keys supposedly used concurrently by 256 different edge
servers, but secretly all edge servers used all keys, then your edge
public key adds 8 bits of identifying information, but nothing looks
suspicious in the transparency log. 

I do think a certificate transparency scheme could address this concern,
but it's not exactly what one normally means by certificate

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part
URL: <http://lists.torproject.org/pipermail/tbb-dev/attachments/20171231/9d530875/attachment.sig>

More information about the tbb-dev mailing list