[tor-talk] General question regarding tor, ssl and .onion.
biolizard89 at gmail.com
Sun Aug 9 05:00:56 UTC 2015
-----BEGIN PGP SIGNED MESSAGE-----
On 08/09/2015 01:04 AM, Seth David Schoen wrote:
> Jeremy Rand writes:
>> It's theoretically possible to use naming systems like Namecoin
>> to specify TLS fingerprints for connections to Tor hidden
>> services, which would eliminate the need for a CA. I'm hoping to
>> have a proof of concept of such functionality soon.
> Is there a way to prevent an attacker from simply claiming the
> same identifier in Namecoin before the actual hidden service
> operator does?
By "identifier", you mean the .onion name? If so, then yes, there are
a few ways this could be done. One potential method is to have the
client look up names by prefix rather than exact match, so that if you
have xyz.onion, the client looks up all Namecoin names that *begin*
with xyz.onion, and the client will look through them until it finds
one whose value includes a signature signed by the .onion key. An
attacker could try to spam the namespace with lots of names that have
invalid .onion signatures, but given name fees this would be a quite
expensive attack and would only slow down the lookup rather than stop
it from working. This functionality (specific to .onion) is not
implemented at the moment, but fast prefix lookups are implemented in
namecoind in a dev branch (which will hopefully be merged to master
soon), so this isn't something that would be incredibly hard to do.
If there's specific interest in this kind of functionality, I can
inquire into whether we can merge the fast prefix lookups code now --
let me know if you'd like me to do so.
- -Jeremy Rand
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
-----END PGP SIGNATURE-----
More information about the tor-talk