[tor-bugs] #9982 [Tor]: Use a better password-based KDF for controller passwords, authority identity key encryption, and more
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Oct 15 02:20:07 UTC 2013
#9982: Use a better password-based KDF for controller passwords, authority
identity key encryption, and more
-----------------------+------------------------------------
 Reporter:  nickm      |          Owner:
     Type:  defect     |         Status:  new
 Priority:  normal     |      Milestone:  Tor: 0.2.5.x-final
Component:  Tor        |        Version:
 Keywords:  tor-relay  |  Actual Points:
Parent ID:             |         Points:
-----------------------+------------------------------------

With the ed25519 key transition, we'll want to start bringing offline
identity keys to regular relay operators (and ideally hidden service
operators too somehow, if we can figure out a non-stupid way for it to
interact with #8106).

As we do this, we'll want a better password-based KDF. Right now we have
the very silly "NID_pbe_WithSHA1And3_Key_TripleDES_CBC" for protecting
authority keys, and the very silly OpenPGP KDF for hashing controller
passwords. Let's do something from the 21st century.

This is a bikeshed discussion. I nominate: "Derive keys with scrypt-jane,
with salsa20/8 and SHA512."

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/9982>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
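
Added example, not part of the ticket and not Tor's code: the RFC 4880 iterated and salted S2K (the "OpenPGP KDF" the ticket mentions) next to a memory-hard scrypt derivation, to show how little work the former asks of a password guesser. Assumptions: SHA-1 and the count byte 0x60 for the S2K, N=2^14, r=8, p=1 for scrypt, and standard scrypt from Python's hashlib standing in for the scrypt-jane variant nominated above.

```python
import hashlib
import hmac

def s2k_count(c):
    """Decode the RFC 4880 one-byte count into the number of bytes hashed."""
    return (16 + (c & 15)) << ((c >> 4) + 6)

def openpgp_s2k_sha1(password, salt, c=0x60):
    """RFC 4880 iterated+salted S2K: one SHA-1 pass over salt||password repeated."""
    unit = salt + password
    count = max(s2k_count(c), len(unit))  # always hash at least one full unit
    reps, rem = divmod(count, len(unit))
    return hashlib.sha1(unit * reps + unit[:rem]).digest()

def scrypt_key(password, salt, n=2**14, r=8, p=1):
    """Memory-hard derivation; parameters are assumed, not taken from the ticket."""
    return hashlib.scrypt(password, salt=salt, n=n, r=r, p=p,
                          maxmem=64 * 1024 * 1024, dklen=32)

def scrypt_memory_bytes(n, r):
    """Approximate working memory scrypt forces per guess (128 * N * r)."""
    return 128 * n * r

def verify(password, salt, expected, kdf):
    """Recompute with the stored salt and compare in constant time."""
    return hmac.compare_digest(kdf(password, salt), expected)

if __name__ == "__main__":
    import os
    import time

    password = b"constructed example passphrase"  # constructed sample input
    salt = os.urandom(16)

    t0 = time.perf_counter()
    old = openpgp_s2k_sha1(password, salt[:8])    # OpenPGP salts are 8 bytes
    t1 = time.perf_counter()
    new = scrypt_key(password, salt)
    t2 = time.perf_counter()

    print(f"S2K/SHA-1: {s2k_count(0x60)} bytes hashed, {t1 - t0:.6f}s, no memory cost")
    print(f"scrypt:    {scrypt_memory_bytes(2**14, 8) // 2**20} MiB per guess, {t2 - t1:.6f}s")
    print("S2K verify:", verify(password, salt[:8], old, openpgp_s2k_sha1))
    print("scrypt verify:", verify(password, salt, new, scrypt_key))
```
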