[tor-dev] is the consensus document unpredictable / unique?

[Razvan Dragomirescu]

Hello everyone,

I couldn't find a detailed description of the Tor consensus, so I'm
checking that my understanding of it is correct. Basically, would it be
correct to assume that the consensus document (or a hash thereof) for a
date in the future is an unpredictable value that will also be unique to
all nodes inquiring about it at that time?

I'm thinking of using a hash of the consensus document - like
http://171.25.193.9:443/tor/status-vote/current/consensus - as a descriptor
cookie in a hidden service. This way, an attacker cannot generate or
publish a hidden service descriptor for the future (one with a correct
cookie). A client can fetch the consensus at the time it wants to connect,
hash it, then use that as the descriptor cookie to determine the correct
descriptor id and decrypt the introduction point list.

Does anyone see any issues with this? In my project, the hidden service
private key is on a smartcard, so it can't be copied, you can only ask the
smartcard to sign something with it for you - and I'm trying to prevent an
attacker from generating hidden service descriptors in advance,to be used
without the smartcard. If future descriptors depend on an unpredictable
future value (the hash of the consensus at that time), an attacker can only
generate descriptors for past and current time periods.

Thank you,
Razvan

--
Razvan Dragomirescu
Chief Technology Officer
Cayenne Graphics SRL
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20160626/33fab06c/attachment.html>