Key length and PK algorithm of TOR
Gregory Maxwell
gmaxwell at gmail.com
Sun Jan 2 01:46:34 UTC 2011
On Fri, Dec 31, 2010 at 10:17 PM, Nick Mathewson <nickm at freehaven.net> wrote:
> But to answer your questions, the main reason Tor doesn't use ECC now
> (and that its RSA keys are 1024 bits except for authority keys) is
> that back when we designed the relevant parts of the current Tor
[snip]
So— if someone had asked me about this I would have also pointed out
that using anything other than moderately sized RSA in the transport
security would make it impossible for Tor to look at all like a random
SSL (e.g. a http client/server) and thus be more vulnerable to
blocking by even the laziest attackers.
I haven't seen this point raised in this thread, so I'm wondering if
I'm misunderstanding or if it's just not being mentioned because even
ignoring the ciphersuite selection blocking tor based on the
on-the-wire behavior isn't especially difficult.
***********************************************************************
To unsubscribe, send an e-mail to majordomo at torproject.org with
unsubscribe or-talk in the body. http://archives.seul.org/or/talk/
More information about the tor-talk
mailing list