[tor-dev] Draft of proposal "Migrate HS identity keys to Ed25519"

George Kadianakis desnacked at riseup.net
Sat Aug 17 10:22:32 UTC 2013

George Kadianakis <desnacked at riseup.net> writes:

> Greetz,
> I'm posting the draft of a proposal that specifies how to upgrade the
> identity keys of HSes (currently RSA-1024) to use Ed25519.
> This proposal is supposed to go along with a proposal that specifies
> how to hide HS descriptors from HSDirs. I'm going to post that second
> proposal in a few minutes.
> This proposal is incredibly drafty in the sense that I might have
> forgotten to specify things that need to be specified. On the other
> hand, "release early; release often" they say, so here it goes.
> Inlining:
> Filename: xxx-hs-ecc-id-keys.txt
> Title: Migrate HS identity keys to Ed25519
> <snip>
> 3.1.1. Generation of short-term ed25519 service keys
>     Hidden Services generate an ed25519 service key for each
>     introduction point -- instead of the RSA-1024 key they currently
>     generate.

Since we are upgrading the service keys, we might also need to upgrade
the RELAY_COMMAND_ESTABLISH_INTRO cell so that it can carry the new
service keys.

Maybe we can add a <key type> field to a new RELAY_COMMAND_ESTABLISH_INTRO_2 cell?

Or we can use the current cell type, but try to distinguish between
old-style and new-style service keys.

More information about the tor-dev mailing list