[tor-bugs] #3207 [Tor Relay]: limit more keys to the exponent we specify

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Tue May 17 12:03:28 UTC 2011 

#3207: limit more keys to the exponent we specify
-------------------------+--------------------------------------------------
 Reporter:  arma         |          Owner:                  
     Type:  enhancement  |         Status:  needs_review    
 Priority:  normal       |      Milestone:  Tor: unspecified
Component:  Tor Relay    |        Version:                  
 Keywords:               |         Parent:                  
   Points:               |   Actualpoints:                  
-------------------------+--------------------------------------------------
Changes (by rransom):

  * status:  new => needs_review


Comment:

 Replying to [comment:3 asn]:
 > Replying to [comment:1 arma]:
 > > Are we ever going to want keys with different exponents, in the
 distant future? Or is it always a bad idea for sure?
 > >
 > > My crypto crystal ball is not good enough, but some external advice
 might be good here.
 >
 > Cryptographically, I don't see any problems with this. OAEP solved same
 small exponents attacks years ago, and 65537 is not a small exponent
 either.
 > Wikipedia also says:
 > "The NIST Special Publication on Computer Security (SP 800-78 Rev 1 of
 August 2007) does not allow public exponents e smaller than 65537, but
 does not state a reason for this restriction."
 >
 > rransom said on IRC that he didn't also restrict the identity key
 exponent because it's public in the TLS handshake and might be
 fingerprintable, which is a valid thought, but generally *most* RSA
 exponents are 65537 nowadays.
 >
 > rransom also said that he had a patch for onion keys in microdescriptors
 that didn't get merged. He said he pushed it to his public repo but I
 didn't manage to find it.

 I said that I would push that patch, not that I had pushed it. And then I
 distracted myself for a few hours.

 See [https://gitweb.torproject.org/rransom/tor.git/shortlog/refs/heads/hs-
 client-input-validation-fixes-022 hs-client-input-validation-fixes-022] (
 !git://git.torproject.org/rransom/tor.git hs-client-input-validation-
 fixes-022 ).

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3207#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list