[tor-bugs] #29054 [Core Tor/Tor]: prop224: Implement offline keys for v3 onion services

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Jan 11 12:54:49 UTC 2019


#29054: prop224: Implement offline keys for v3 onion services
------------------------------+------------------------------
     Reporter:  s7r           |      Owner:  (none)
         Type:  enhancement   |     Status:  new
     Priority:  Medium        |  Milestone:  Tor: unspecified
    Component:  Core Tor/Tor  |    Version:  Tor: 0.3.5.7
     Severity:  Normal        |   Keywords:  prop224, tor-hs
Actual Points:                |  Parent ID:
       Points:                |   Reviewer:
      Sponsor:                |
------------------------------+------------------------------
 Prop224 is designed to support offline master keys for v3 onion services,
 a great functionality that has many advantages and becomes more and more
 discussed in threat models. Logging this ticket now to keep track of it,
 even if it's not urgent at the moment.

 This is what seems to be needed at first look (might end up as child
 tickets to this one):

 1. Implement temporary keys + certificates signed by master onion service
 key with limited validity for v3 onion services.

 2. Implement a small utility tool in Tor so that users can create such
 onion service keys offline, similar to `tor --keygen` for relays, with a
 secondary argument of `--keylifetime` which defaults to 30 days but can be
 changed to any value the user prefers.

 3. Implement torrc option `HiddenServiceOfflineKey 0|1` (that defaults to
 0) so Tor will know it must not try to generate the onion service master
 key if missing from disk, or even look for it.

 ''Most of the logic and behavior from ed25519 offline master key for
 relays should be applied at these first 3 points as well.''

 4. Implement mnemonic seed backup for onion service master key, so the
 same private key can be restored using a string of words that produce the
 same parameters for the curve. This is simple and widely
 tested/implemented for secp256k1, and implementing for our needs and
 threat model is simple and totally worth it from user experience
 perspective.
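 The offline-master / short-lived-key split that points 1 to 3 describe can
 be shown end to end in a few dozen lines. The block below is an added
 illustration written for this page, not code from Tor or from the reporter,
 and it does not reproduce Tor's real ed25519 certificate format (cert types,
 extensions, the descriptor signing key chain): it uses its own constructed
 certificate layout, a constructed domain-separation prefix, and the ticket's
 30-day default lifetime. The master key is touched only in `IssueTempKey`;
 `VerifyCert` and `VerifyDescriptorSig` need nothing but the master public
 key, and refuse a certificate that has expired, names a different master, or
 was tampered with after signing.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
	"time"
)

// DefaultKeyLifetime mirrors the 30-day default proposed for --keylifetime.
const DefaultKeyLifetime = 30 * 24 * time.Hour

// certPrefix domain-separates certificate signatures from anything else the
// master key might sign. Constructed label for this example, not Tor's format.
const certPrefix = "example-onion-temp-key-cert-v1"

// TempKeyCert binds a short-lived signing key to an expiry time under the
// offline master key's signature (constructed layout, not Tor's cert format).
type TempKeyCert struct {
	TempPub   ed25519.PublicKey
	Expires   time.Time
	MasterPub ed25519.PublicKey
	Sig       []byte
}

// certMessage is the exact byte string the master key signs: prefix, the
// temporary public key, and the expiry as a big-endian unix timestamp.
func certMessage(tempPub ed25519.PublicKey, expires time.Time) []byte {
	var ts [8]byte
	binary.BigEndian.PutUint64(ts[:], uint64(expires.Unix()))
	msg := make([]byte, 0, len(certPrefix)+ed25519.PublicKeySize+len(ts))
	msg = append(msg, certPrefix...)
	msg = append(msg, tempPub...)
	msg = append(msg, ts[:]...)
	return msg
}

// IssueTempKey is the only operation that needs the master private key, so it
// is what an offline keygen tool would run. It returns the temporary private
// key and the certificate that the online service will publish alongside it.
func IssueTempKey(master ed25519.PrivateKey, lifetime time.Duration, now time.Time) (ed25519.PrivateKey, TempKeyCert, error) {
	if lifetime <= 0 {
		return nil, TempKeyCert{}, errors.New("key lifetime must be positive")
	}
	tempPub, tempPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, TempKeyCert{}, err
	}
	expires := now.Add(lifetime).Truncate(time.Second)
	masterPub := master.Public().(ed25519.PublicKey)
	cert := TempKeyCert{TempPub: tempPub, Expires: expires, MasterPub: masterPub}
	cert.Sig = ed25519.Sign(master, certMessage(tempPub, expires))
	return tempPriv, cert, nil
}

// VerifyCert checks that a certificate was issued by the trusted master key,
// is intact, and has not yet expired at time now. Only the master public key
// is needed here; the master private key can stay offline.
func VerifyCert(cert TempKeyCert, trustedMaster ed25519.PublicKey, now time.Time) error {
	if !bytes.Equal(cert.MasterPub, trustedMaster) {
		return errors.New("certificate names a different master key")
	}
	if !ed25519.Verify(trustedMaster, certMessage(cert.TempPub, cert.Expires), cert.Sig) {
		return errors.New("bad master signature on certificate")
	}
	if !now.Before(cert.Expires) {
		return fmt.Errorf("certificate expired at %s", cert.Expires.UTC().Format(time.RFC3339))
	}
	return nil
}

// VerifyDescriptorSig accepts a temporary-key signature over a descriptor
// only when the temporary key's certificate still checks out.
func VerifyDescriptorSig(cert TempKeyCert, trustedMaster ed25519.PublicKey, descriptor, sig []byte, now time.Time) error {
	if err := VerifyCert(cert, trustedMaster, now); err != nil {
		return err
	}
	if !ed25519.Verify(cert.TempPub, descriptor, sig) {
		return errors.New("bad temporary-key signature on descriptor")
	}
	return nil
}

func main() {
	masterPub, master, _ := ed25519.GenerateKey(rand.Reader) // generated offline
	now := time.Now()
	tempPriv, cert, _ := IssueTempKey(master, DefaultKeyLifetime, now)
	descriptor := []byte("constructed descriptor body") // constructed sample input
	sig := ed25519.Sign(tempPriv, descriptor)
	fmt.Println("fresh:", VerifyDescriptorSig(cert, masterPub, descriptor, sig, now))
	fmt.Println("after 31 days:", VerifyDescriptorSig(cert, masterPub, descriptor, sig, now.Add(31*24*time.Hour)))
}
```

 Signing the expiry into the certificate is what makes the lifetime
 enforceable: a verifier that only checked the temporary key's signature
 would happily accept a key whose certificate lapsed months ago, and an
 attacker who copied the online key could not extend its life without the
 master key.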

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29054>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online