[tor-dev] augmenting RSA identities/signatures with ECC and beyond
Eugen Leitl
eugen@leitl.org
Sun Aug 4 05:42:42 PDT 2013
----- Forwarded message from Jacob Appelbaum <jacob@appelbaum.net> -----
Date: Sun, 04 Aug 2013 01:29:45 +0000
From: Jacob Appelbaum <jacob@appelbaum.net>
To: tor-dev@lists.torproject.org
Subject: [tor-dev] augmenting RSA identities/signatures with ECC and beyond
Reply-To: tor-dev@lists.torproject.org
Hi,
Linus and I had an interesting discussion at IETF 87 this past week in
Berlin. We're both concerned about long term Directory Authority
identity keys as well consensus signing with RSA keys.
We've agreed that we're interested in writing a proposal whereby we add
additional identity keys for authorities. Thus, we'll have whatever
security may be provided by RSA and the security that should be provided
by ECC signatures. The work on ntor should directly assist us in having
almost all the required crypto we'll need for such augmentation.
I tend to think that every directory authority should generate an
additional and new long term ECC identity key. This will require that
tor-gencert is extended to understand both ECC and RSA. We'll want to
add these fingerprints to src/or/config.c for each respective DA.
We'll want each directory authority to sign with both RSA and ECC. We'll
also want to extend the consensus format to handle publication of such
signatures. Older clients should be able to parse the consensus without
worry and they will check RSA signatures as always. Newer clients should
check both and report a mismatch into the logs at a high level. When
combined with ntor, I believe that we will have significantly improved
the cryptography in Tor.
It would be nice to be able to add other signature schemes -
specifically for pq crypto related undertakings. In an ideal world, I'd
like to be able to sign the consensus from my directory authority with
RSA, ECC and some kind of djb approved, tanja tested post-quantum
computer signature construct.
What do you think we should consider as we draft this proposal?
All the best,
Jacob
_______________________________________________
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5
More information about the cypherpunks
mailing list