On 2011-11-04, Robert Ransom <[email protected]> wrote: > On 2011-11-04, George Kadianakis <[email protected]> wrote:
>> To avoid problems associated with the human condition, schemes >> based on public key cryptography and certificates can be used. A >> public and well tested protocol that can be used as the basis of a >> future authorization scheme is the SSH "publickey" authorization >> protocol. > > Secret keys for DSA (with a fixed group) and EC-based signature > schemes can be short enough to be fairly easy to transport. Secret > keys for RSA are a PITA to transport, unless you either (a) specify a > deterministic key-generation procedure, or (b) make the public key > available to all clients somehow, and provide enough information to > clients intended to access a bridge that the client can factor the > modulus efficiently. Um. On second thought, this is just freaking ridiculous (especially my paragraph). We don't want each client to have to generate a public-key authentication keypair and send its public key to the bridge in advance; that would be a nightmare to implement with our current bridge infrastructure. So the only sensible ways to use public-key authentication seems to be to give the same secret key to every authorized client (i.e. distribute it like a password) (see Telex), and then we might as well use a (shorter) shared-secret password (unless we need magic features of a specific cryptosystem like the ‘public-key steganography’ used in Telex). Robert Ransom _______________________________________________ tor-dev mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
