[tor-dev] Discussion on the crypto migration plan of the identity keys of Hidden Services

adrelanos adrelanos at riseup.net
Fri May 17 15:09:17 UTC 2013

George Kadianakis:
> Thoughts?

Can you make .onion domains really long and therefor really safe against
brute force?

Or have an option for maximum key length and a weaker default if common
CPU's are still too slow? I mean, if you want to make 2048 bit keys the
default because you feel most hidden services have CPU's which are too
slow for 4096 bit keys, then use 2048 bit as default with an option to
use the max. of 4096 bit.

Bonus point: Can you make the new implementation support less painful
updates (anyone or everyone) when the next update will be required?
(forward compatibility)

More information about the tor-dev mailing list