Opened 5 years ago

Last modified 3 years ago

#18509 new enhancement

Summarize our crypto migration plans in one place

Reported by: arma Owned by:
Priority: Medium Milestone: Tor: unspecified
Component: Core Tor/Tor Version:
Severity: Normal Keywords: tor-doc developer-doc
Cc: catalyst Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


Tor has a bunch of crypto use throughout its design: link encryption (nist-style tls), relay identities (1024-bit rsa, soon to be ed25519), circuit handshakes (ntor, but we still support tap), cell crypto (aes), onion service identities (1024-bit rsa, but soon to be this complicated thing), and probably a few more.

People keep misunderstanding where we are in the crypto migration plan ("omg tor still uses 1024-bit rsa"). It would be nice to have it all written out in one place that we can reference.

Child Tickets

Change History (9)

comment:1 Changed 5 years ago by nickm

Things we do not like:

  • RSA1024
  • SHA1 when relied upon for collision resistance
  • DH1024
  • And what else?

Things we would prefer to do differently:

  • ECC without PQ fallback
  • AES-CTR as used in Tor relay cell encryption
  • TLS before 1.3 (which does not yet exist)
  • AES 128
  • SHA1 when relied upon for (second) preimage resistance
  • And what else?

comment:2 Changed 5 years ago by yawning

Things that should happen at some point:

  • Deprecate TAP (Prop 224, Prop 266)
  • Migrate to ECC + PQ for link layer handshakes (Prop 263)
  • Migrate to 256 bit symmetric crypto (Prop 261)
  • PQ authentication/signatures (No suitable primitives exist)

Things that maybe should happen:

  • Stop using TLS?

comment:3 Changed 4 years ago by nickm

Milestone: Tor: 0.3.0.x-final

comment:4 Changed 4 years ago by isis

There are the notes I took on the last session on the changes to tor's crypto:

Is that what we're looking for? Or some more formal document?

comment:5 Changed 4 years ago by nickm

Looks like a good start! I'm not looking for anything more formal, but something a little more user-facing that we can use to explain to people what's done, what isn't done, and what that means for practical purposes.

comment:6 Changed 4 years ago by dgoulet

Keywords: triage-out-030-201612 added
Milestone: Tor: 0.3.0.x-finalTor: unspecified

Triaged out on December 2016 from 030 to Unspecified.

comment:7 Changed 3 years ago by nickm

Keywords: triage-out-030-201612 removed

comment:8 Changed 3 years ago by nickm

Keywords: tor-doc developer-doc added

comment:9 Changed 3 years ago by catalyst

Cc: catalyst added
Note: See TracTickets for help on using tickets.