[tor-talk] Finally a Cloudflare captchas workaround thanks to next-gen onion services?
alec.muffett at gmail.com
Mon Feb 20 10:19:23 UTC 2017
On 20 February 2017 at 09:45, Georg Koppen <gk at torproject.org> wrote:
> I don't think so as I don't see how next generation .onion services
> solve the underlying problem.
I believe they are referring to something which I have also heard from CA/B
Forum, regards SSL certificates.
There's a general perception in industry - with some justification - that
SHA1 is bad.
And current Onion addresses are based on SHA1.
And they're only 80 bits, truncated SHA1.
So current onion addresses are bad, too.
Because a bad person could brute-force an 80 bit collision to hijack an
And that would be bad.
Also, it would be way easier** than (say) social-engineering a CA to
issue a certificate to a fake or phishing site.
Because that never** happens.
So: industry thinks that 80-bit cryptographic addresses are
brute-forceable, thus will not issue DV SSL certificates for them. Instead
they will only permit EV certificates to be issued.
After all, having trivially** collided an 80-bit hash and set up your fake
Facebook Onion, you don't want some CA's automated
"URL-secret-cookie-reachability"-based certificate generator to blindly
issue an SSL certificate for the fake onion, thereby putting the SSL stamp
of approval on the site; that would be bad.
Hence EV, which requires a more intimate relationship with the requester,
to mitigate this tremendous** security risk.
I suspect that the OP is pointing out that Prop224, with its 256-bit onion
addresses, will be much more resistant to brute force and therefore may be
more broadly acceptable to the trust/comms industry.
** your mileage may vary.
More information about the tor-talk