[tor-talk] Rendezvous RSA Exponent

Tor Talker tortalker at hidemeta.com
Mon Jul 14 16:05:23 UTC 2014


[I hope technical questions are appropriate here.  Please let me know if there is a better place for them.]

Is it OK to use an public exponent other than 65537 in hidden service RSA keys?

I've received reports that a couple of hidden servers using vanity rendezvous hostnames I made are unresponsive, even thought the server looks fine from the unencrypted internet.  In one case, a hidden service was (reportedly) unresponsive for 10 hours, but was back on line when I checked it.

The twist here is that I used libcrypto++ to generate RSA keys with public exponent 17.  A sentence in [https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/224-rend-spec-ng.txt] states:  "Except as noted, all RSA keys MUST have exponent
148 values of 65537."  I don't see mention of it in the original rendezvous spec.  Could my keys be the problem?

Also, these servers addresses will be openly associated with my project (and I'm not hiding my association with it), so it is fine if the unusual exponent marks them as such.



More information about the tor-talk mailing list