Encryption over Hidden Services
tormaster at xpdm.us
Fri Aug 6 13:44:08 UTC 2010
-----BEGIN PGP SIGNED MESSAGE-----
On Fri, Aug 6, 2010 at 09:00, Robert Ransom <rransom.8774 at gmail.com> wrote:
> On Fri, 6 Aug 2010 03:07:12 -0700
> Mike Perry <mikeperry at fscked.org> wrote:
> > In the real world, it is disturbingly practical to compute .onion urls
> > that have a significantly large number of characters in common with an
> > arbitrary target url, in arbitrary positions of the url.
> > There was a program called 'shallot' which optimized hidden service
> > key generation to accomplish exactly this using THC's Fuzzy
> > Fingerprint technique. It seems to exist only in rumor and legend
> > these days, but if you would like an arbitrary snapshot of the code
> > that calls itself 0.0.1, I can post it somewhere.
I haven't worked on it in a while, but I wrote a Mono implementation
of a vanity onion generator as well You can find it here:
The main relevant portion is under src/Por.OnionGenerator.
> > It was originally created for the sake of creating vanity .onion urls.
> > ...
> > (and if your goal is to deceive a user into visiting or chatting with
> > your spoofed hidden service, why not use weak keys?).
> Also, it can search for keys whose hashes match an arbitrary regular
> expression, not just keys whose hashes have specified characters at the
> beginning and end.
PurpleOnion (Por) was intended to be a full Mono implementation of
Tor, but I didn't get that far. The PurpleOnion vanity generator also
uses an arbitrary regular expression for doing its matching and uses
multi-threading. It currently just uses the Mono framework's
implementation to generate the key pairs, but could probably be
optimized by writing it's own generating functions, including using
Mono.SIMD or CUDA in some form.
I may have to pull this back out of the mothballs to continue
hammering at it and run some more tests.
Ακακια את.ψο´, 3°
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (MingW32)
-----END PGP SIGNATURE-----
More information about the tor-dev