[tor-bugs] #25576 [Core Tor/Tor]: Fix non-standard use of keccak in v3 hidden service code
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sun May 20 04:01:10 UTC 2018
#25576: Fix non-standard use of keccak in v3 hidden service code
-------------------------------------------------+-------------------------
Reporter: isis | Owner: (none)
Type: defect | Status: new
Priority: Medium | Milestone: Tor:
| unspecified
Component: Core Tor/Tor | Version: Tor:
| 0.3.0.1-alpha
Severity: Normal | Resolution:
Keywords: cryptography, crypto, tor-hs, | Actual Points:
handshakes |
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by cypherpunks):
Although it is a non-standard use and KMAC is better for Keccak, an HMAC
not using a Merkle-Damgård hash in this case is not a big deal, according
to [https://crypto.stackexchange.com/questions/15782/how-secure-would-
hmac-sha3-be Cryptography] on StackExchange:
>Thus, the claimed security level of HMAC-SHA3 is the same as the overall
maximum attainable security level for HMAC, or any other deterministic
iterated MAC construction, with the same effective internal state size.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25576#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list