[tor-dev] (Draft) Proposal 224: Next-Generation Hidden Services in Tor

Nick Mathewson nickm at alum.mit.edu
Fri Aug 29 17:13:45 UTC 2014

On Fri, Dec 13, 2013 at 12:06 AM, Nicholas Hopper <hopper at cs.umn.edu> wrote:
> On Fri, Nov 29, 2013 at 7:27 PM, Nick Mathewson <nickm at torproject.org> wrote:
>>   Appendix A. Signature scheme with key blinding [KEYBLIND]
>> ...
>>   See [KEYBLIND-REFS] for an extensive discussion on this scheme and
>>   possible alternatives. I've transcribed this from a description by
>>   Tanja Lange at the end of the thread. [TODO: We'll want a proof for
>>   this.]
> A security proof for this scheme is available at:
> https://www-users.cs.umn.edu/~hopper/basic-proof.pdf
> (LaTeX sources at https://www-users.cs.umn.edu/~hopper/hs-identity-proof.git)
> It would be fantastic to get comments/discussion from the tor-dev
> community ahead of publishing this as a Tor Project tech report.

In a branch "ed25519_ref10" for review on ticket #12980, I've
implemented something not wholly dissimilar from the approach
discussed here.  Please have a look at my comments and questions there
to see how badly I've messed it up.

More information about the tor-dev mailing list