Opened 12 months ago

#26291 new project

find all instances of SHA-1 in our design and implementation and kill them with fire

Reported by: isis Owned by:
Priority: Medium Milestone: Tor: unspecified
Component: Core Tor/Tor Version:
Severity: Normal Keywords: sha1, crypto, technical-debt, hidden-services, hash-functions
Cc: Actual Points:
Parent ID: Points: 9001
Reviewer: Sponsor: SponsorV-can

Description

This is a parent ticket for finding every use of SHA-1 in our specs/design and code, detailing it, and coming up with a plan to replace it.

From the Seattle notes, we use truncated SHA-1 in v2 onion services and relay_crypt_one_payload(), and we use full width SHA-1 for relay fingerprints and, again, v2 onion services. Nick has also written a draft document detailing where we use SHA-1, however it is presently outdated and incorrect in some places.

Child Tickets

Change History (0)

Note: See TracTickets for help on using tickets.