Hi Razvan, The consensus has signatures from all directory operators on it, and computing those ahead of time requires a lot of private keys. Because they also all contain the date, they're all unique. So yea, they're both unique and unpredictable.
As for your idea: it should be noted that there is not a single valid consensus. At any time there may be several valid ones and clients may have different active ones, as all consensuses are valid for a few hours but generated hourly. Using the hash as a descriptor cookie may thus be troublesome. Tom > On 25 Jun 2016, at 23:52, Razvan Dragomirescu <[email protected]> > wrote: > > Hello everyone, > > I couldn't find a detailed description of the Tor consensus, so I'm checking > that my understanding of it is correct. Basically, would it be correct to > assume that the consensus document (or a hash thereof) for a date in the > future is an unpredictable value that will also be unique to all nodes > inquiring about it at that time? > > I'm thinking of using a hash of the consensus document - like > http://171.25.193.9:443/tor/status-vote/current/consensus - as a descriptor > cookie in a hidden service. This way, an attacker cannot generate or publish > a hidden service descriptor for the future (one with a correct cookie). A > client can fetch the consensus at the time it wants to connect, hash it, then > use that as the descriptor cookie to determine the correct descriptor id and > decrypt the introduction point list. > > Does anyone see any issues with this? In my project, the hidden service > private key is on a smartcard, so it can't be copied, you can only ask the > smartcard to sign something with it for you - and I'm trying to prevent an > attacker from generating hidden service descriptors in advance,to be used > without the smartcard. If future descriptors depend on an unpredictable > future value (the hash of the consensus at that time), an attacker can only > generate descriptors for past and current time periods. > > Thank you, > Razvan > > -- > Razvan Dragomirescu > Chief Technology Officer > Cayenne Graphics SRL > _______________________________________________ > tor-dev mailing list > [email protected] > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
_______________________________________________ tor-dev mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
