[tor-talk] Ask for RSA key size upgrade
HardKor
hardkor.info at gmail.com
Fri Apr 6 14:54:06 UTC 2012
Thank you,
I read the documents. Actualy I'm a hidden service operator. And I worry
about the security of my public key.
I generated a 4096 bits key manually and started a hidden service with it.
Tor gnerated a hostname file but I desn't work ...
The only way I found to create a really secure communication channel is to
use HTTPS (with strong encryption) over Tor hidden services. And it make me
sad ...
.
When will the crypto improvements[1] be released ?
[1]:
https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/ideas/xxx-new-crypto-sketch.txt
On Fri, Apr 6, 2012 at 3:07 AM, <andrew at torproject.is> wrote:
> On Fri, Apr 06, 2012 at 12:06:28AM +0200, hardkor.info at gmail.com wrote
> 0.8K bytes in 26 lines about:
> : I saw every RSA keys used in the onion network are 1024 bits long.
> : As it's advised by the NIST and explained in the attachment of this
> email,
> : it should not be called "secure".
>
> See https://www.torproject.org/docs/faq.html.en#KeyManagement to start.
>
> : I think the dev team of the Tor project should upgrade all default key
> : sizes to 2048 bits (or 4096 bits if it's not a problem).
>
> And then read
>
> https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/ideas/xxx-crypto-requirements.txt
> and
>
> https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/ideas/xxx-crypto-migration.txt
> and
>
> https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/ideas/xxx-new-crypto-sketch.txt
>
> --
> Andrew
> http://tpo.is/contact
> pgp 0x6B4D6475
> _______________________________________________
> tor-talk mailing list
> tor-talk at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>
More information about the tor-talk
mailing list