Re: [tor-talk] Let's make Onion Addresses Meaningful To Humans
Mostly a summary...

http://tools.ietf.org/html/rfc1751
http://en.wikipedia.org/wiki/S/KEY
http://en.wikipedia.org/wiki/OPIE_Authentication_System
http://en.wikipedia.org/wiki/OTPW

These still work well for simple OTP systems. The words are also simple English.

http://www.sinic.name/docs/bachelor.pdf

This and the proposal in the subject seems interesting but using entire dictionaries? Who knows how to spell some of them or what they mean. That makes things harder for the mind.

Namecoin, which supports mapping memorable .bit addresses to .onion addresses. In theory, the only way to seize/censor a .bit address is a 51% attack.

Namecoin supports mapping names to Tor hidden services, as well as I2P and Freenet sites. Obviously you need to use a Namecoin implementation that's a proxy instead of a DNS server, but that's not a big deal (nmcsocks already implements this).

It seems conceivable that world governments may choose to dislike *coin systems and inject their own processing power to dispel them. How does the work needed to do that stack up against attacks on any other distributed system, or Tor itself.

Please consider that not everyone's native language is English.

Nor is everyone's language Greek, or ASCII, 8bit or wide.

Why not just collect onion addresses in an encrypted file?

There are about 400 known onions online at the moment. Most of which are listed on one or two known onions. Sure, there are concerns with bookmarking or writing them down. For those people, googling will get them to the lists.

Where all the other sensitive files are, and updated as needed.

Maybe the distributed system would publish on announce and eventually reach your .tor directory. Note that this is not the same as torproject risking listing/promotion any given .onion (or subset) as an intro point.

You might want to look up how they did things before DNS was invented.

Yes, this.

Hmm, What do you think? Should I post this to tor-dev?

What may be driving these sorts of threads is people don't necessarily want name encoding schemes (after all 16.onion is one suitable way for that), but vanity names. Is there a good encoding scheme? Or more likely, failing that... Which distributed vanity systems could resist say 80 bits worth of attack energy? Or alternatively, whatever = (large) x (current world cpu power).
Re: [tor-talk] Let's make Onion Addresses Meaningful To Humans
Why not just collect onion addresses in an encrypted file? ...

On 2/24/2012 5:36 AM, Ahmed Hassan wrote:

Hello Folks, I have a cool idea to make onion addresses memorable. That will have no effect on its authenticity and security. [snip]
Re: [tor-talk] Let's make Onion Addresses Meaningful To Humans
and store that file where? How that encrypted file will be updated?

On Sat, 2012-02-25 at 04:09 -0500, eliaz wrote:

Why not just collect onion addresses in an encrypted file? ...

On 2/24/2012 5:36 AM, Ahmed Hassan wrote:

Hello Folks, I have a cool idea to make onion addresses memorable. That will have no effect on its authenticity and security. [snip]
Re: [tor-talk] Let's make Onion Addresses Meaningful To Humans
On Sat, Feb 25, 2012 at 04:09:24AM -0500, eliaz wrote:

Why not just collect onion addresses in an encrypted file? ...

You might want to look up how they did things before DNS was invented.

P.S. You're top-posting.

On 2/24/2012 5:36 AM, Ahmed Hassan wrote:

Hello Folks, I have a cool idea to make onion addresses memorable. That will have no effect on its authenticity and security. [snip]
Re: [tor-talk] Let's make Onion Addresses Meaningful To Humans
OK, here are some real examples I got from a dictionary that has 67843 words. I collected most of the words from the Bible and Gutenberg project. I used Python to convert to decimal from base 32.

DuckDuckGo
3g2upl4pq6kufc4m.onion = cowboys-slipt-pisanio-utgar-spinnt.onion

Official Tor package archive
j6im4v42ur6dpic3.onion = merton-arkader-eozon-yea-russky.onion

The last part means literally I'm Russian in Russian
http://translate.google.com/#auto|ru|I%27m%20russian
Hit listen in Russian

Official Tor media archive
http://p3igkncehackjtib.onion/ = puzzler-longis-fido-jipal-vilda.onion

The size of the dictionary is 455K uncompressed, and 163K compressed by Gzip.

Hmm, What do you think? Should I post this to tor-dev?
Re: [tor-talk] Let's make Onion Addresses Meaningful To Humans
On Sat, Feb 25, 2012 at 06:34:02AM -0500, eliaz wrote:

Where all the other sensitive files are, and updated as needed. I do see how the dictionary scheme might be helpful in some instances, though for some users it might be another complication. But I'm no expert in these matters, just a user.

Please trim your replies and do not top-post (message unchanged for illustration).

On 2/25/2012 4:12 AM, Ahmed Hassan wrote:

and store that file where? How that encrypted file will be updated?

On Sat, 2012-02-25 at 04:09 -0500, eliaz wrote:

Why not just collect onion addresses in an encrypted file? ...

On 2/24/2012 5:36 AM, Ahmed Hassan wrote:

Hello Folks, I have a cool idea to make onion addresses memorable. That will have no effect on its authenticity and security. [snip]

--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
__
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
Re: [tor-talk] Let's make Onion Addresses Meaningful To Humans
Where all the other sensitive files are, and updated as needed. I do see how the dictionary scheme might be helpful in some instances, though for some users it might be another complication. But I'm no expert in these matters, just a user.

On 2/25/2012 4:12 AM, Ahmed Hassan wrote:

and store that file where? How that encrypted file will be updated?

On Sat, 2012-02-25 at 04:09 -0500, eliaz wrote:

Why not just collect onion addresses in an encrypted file? ...

On 2/24/2012 5:36 AM, Ahmed Hassan wrote:

Hello Folks, I have a cool idea to make onion addresses memorable. That will have no effect on its authenticity and security. [snip]
Re: [tor-talk] Let's make Onion Addresses Meaningful To Humans
On 24.02.2012 15:03, Andreas Krey wrote:

Have you tried this using the actual dictionaries that you want us to use? Are the resulting addresses really memorable?

goric-edema-Alces-rune-pan-coost
feign-crig-plane-tret-balli-chela

Please consider that not everyone's native language is English. Of those words above I know only pan, feign and plane. I can't remember those addresses.

Sincerely
Sebastian
Re: [tor-talk] Let's make Onion Addresses Meaningful To Humans
On 24 February 2012 11:36, Ahmed Hassan ah...@linuxism.com wrote:

Hello Folks, I have a cool idea to make onion addresses memorable. That will have no effect on its authenticity and security.

First, I need to define some terms I will use in this email.

Σ*_{e}: is any English (or any other language) word.
D*: is a set of all English words (or any other language again) in dictionary.
D*_{N}: N means the location of element Σ* in D*. For example, if D* = { 'cat', 'hat' ,'rat' }. D*_{0} returns 'cat', and D*_{'cat'} returns 0
max(D*): is a total number of words in a dictionary D*.

I hope you didn't get confused at this point.

Onion address needs to be converted to decimal instead of base 32 to make it easier to implement. Let's say I already have a value of onion address converted to a decimal. That number is 2025107508922. I will take that number and convert it to number in base max(D*). If we have 51236 words in English dictionary, the result of that conversion will be only 3 digits numbers. The numbers after conversion are the following:

771-22133-48918

Here is a wolframalpha conversion link
http://www.wolframalpha.com/input/?i=2025107508922++convert+to+base+51236

I used dash - instead of colons : to separate the converted digits. It's easier to make it work with the URL (URL uses colon to separate address from port), and easier to convert to the original value.

We will take 711, 22133 and 48918 and return the Σ*_{e} from D*. Where Σ*_{e} is an English word, and D* is a dictionary. So, D*_{771}: returns Σ*_{e}', and D*_{22133}: returns different Σ*_{e}'' and so on. At the end we will have something like that:

Σ*_{e}' - Σ*_{e}'' - Σ*_{e}^(3).onion

If Σ*_{e}' is equal to 'cat', Σ*_{e}'' ( '' means another word) is equal to 'rat' and Σ*_{e}^(3) is equal to 'hat'. The final result will be something like this cat-rat-hat.onion.

To convert back again to the original SHA hash value, all we have to do is to return a number from D*_{Σ*_{e}} for each word, and convert it back again to the original base.

Users will not have an option to explicitly choose onion domain name, but they will have an option to generate a lot of keys, and choose something they like.

Nice idea :) I think the dictionary should be crafted with a small number of words, avoiding similar words, plurals and so on...
Re: [tor-talk] Let's make Onion Addresses Meaningful To Humans
On 2012-02-24, Ahmed Hassan ah...@linuxism.com wrote:

Hello Folks, I have a cool idea to make onion addresses memorable. That will have no effect on its authenticity and security.

First, I need to define some terms I will use in this email.

Σ*_{e}: is any English (or any other language) word.
D*: is a set of all English words (or any other language again) in dictionary.

Which languages do you want us to ship a dictionary for in every Tor client? (Please specify the exact dictionaries you want us to use as well.) How large are these dictionaries (in bytes)?

D*_{N}: N means the location of element Σ* in D*. For example, if D* = { 'cat', 'hat' ,'rat' }. D*_{0} returns 'cat', and D*_{'cat'} returns 0
max(D*): is a total number of words in a dictionary D*.

I hope you didn't get confused at this point.

Onion address needs to be converted to decimal instead of base 32 to make it easier to implement.

No. Computers do not operate efficiently on numbers represented in base 10.

Let's say I already have a value of onion address converted to a decimal. That number is 2025107508922. I will take that number and convert it to number in base max(D*). If we have 51236 words in English dictionary, the result of that conversion will be only 3 digits numbers. The numbers after conversion are the following:

771-22133-48918

Here is a wolframalpha conversion link
http://www.wolframalpha.com/input/?i=2025107508922++convert+to+base+51236

I used dash - instead of colons : to separate the converted digits. It's easier to make it work with the URL (URL uses colon to separate address from port), and easier to convert to the original value.

We will take 711, 22133 and 48918 and return the Σ*_{e} from D*. Where Σ*_{e} is an English word, and D* is a dictionary. So, D*_{771}: returns Σ*_{e}', and D*_{22133}: returns different Σ*_{e}'' and so on. At the end we will have something like that:

Σ*_{e}' - Σ*_{e}'' - Σ*_{e}^(3).onion

If Σ*_{e}' is equal to 'cat', Σ*_{e}'' ( '' means another word) is equal to 'rat' and Σ*_{e}^(3) is equal to 'hat'. The final result will be something like this cat-rat-hat.onion.

Have you tried this using the actual dictionaries that you want us to use? Are the resulting addresses really memorable? How long are the resulting addresses? Can they be entered into a computer as efficiently as addresses in the current format? Can a human proofread addresses in this form for errors as efficiently as addresses in the current format?

Robert Ransom
Re: [tor-talk] Let's make Onion Addresses Meaningful To Humans
On Fri, 24 Feb 2012 05:36:14 +, Ahmed Hassan wrote:

...

cat-rat-hat.onion.

More like granoblastic-Congoese-counterirritate-solifluctional-Adeona or shameproof-paralogize-concutient-hypersophisticated-Actinomyxidiida. :-)

...

Users will not have an option to explicitly choose onion domain name, but they will have an option to generate a lot of keys, and choose something they like.

Or rather, something they don't totally dislike, depending on the word set. Restricting the word set to short words makes the result shorter, too:

goric-edema-Alces-rune-pan-coost
feign-crig-plane-tret-balli-chela

The main advantage would be that they are simpler to type and check.

--- onion.rb ---
# Load the word list, one word per line
arr=[]
File.open("/usr/share/dict/words") do |f|
  f.each_line do |l|
    arr << l.strip
  end
end

ARGV.each do |a|
  a=a.sub(/\.onion$/,'') # Just in case
  id=a.to_i(36)          # reads the name as a base-36 number
  s=""
  # Peel off digits in base arr.length, least significant first
  while id >= arr.length
    x=id%arr.length
    id/=arr.length
    s="-"+arr[x]+s
  end
  s=arr[id]+s
  puts "#{a}: #{s}"
end
--- end ---

Obviously you need to use a word set that only contains lowercase letters which I didn't. :-) Excluding offensive words would also be a plus.

Which node interprets the .onion names to hashes, anyway?

Andreas

--
Totally trivial. Famous last words.
From: Linus Torvalds torvalds@*.org
Date: Fri, 22 Jan 2010 07:29:21 -0800
Re: [tor-talk] Let's make Onion Addresses Meaningful To Humans
On Fri, 24 Feb 2012 13:36:45 +, Robert Ransom wrote:

...

Which languages do you want us to ship a dictionary for in every Tor client? (Please specify the exact dictionaries you want us to use as well.)

Left as an exercise for later.

How large are these dictionaries (in bytes)?

The last one I tried is 16655 words, 91445 bytes (null-terminated strings).

...

Have you tried this using the actual dictionaries that you want us to use? Are the resulting addresses really memorable?

goric-edema-Alces-rune-pan-coost
feign-crig-plane-tret-balli-chela

= Slightly. (I admit that I did not look up what base the *.onion names are in, so the number of bits and thus words may be off.)

How long are the resulting addresses?

Longer, of course.

Can they be entered into a computer as efficiently as addresses in the current format?

Depends on the meaning of 'efficient'. Being longer it's more obvious work to type, but...

Can a human proofread addresses in this form for errors as efficiently as addresses in the current format?

...easier to proofread or spell over the phone. But then, the proofread part may be eased by adding a few minus signs into the usual onion names just as well.

That said, the real problem is deployment of anything like this.

Andreas

--
Totally trivial. Famous last words.
From: Linus Torvalds torvalds@*.org
Date: Fri, 22 Jan 2010 07:29:21 -0800
Re: [tor-talk] Let's make Onion Addresses Meaningful To Humans
On Fri, Feb 24, 2012 at 04:10:48PM +, Robert Ransom wrote:

On 2012-02-24, Andreas Krey a.k...@gmx.de wrote:

Which node interprets the .onion names to hashes, anyway?

Tor clients themselves interpret hidden service hostnames, so every Tor client would need to include every dictionary. (Dictionaries couldn't be kept in an optional extra package, because clients which do not have a particular dictionary would be easily distinguishable from those which do have it.)

What's wrong with a P2P name resolution? E.g. namecoin?
Re: [tor-talk] Let's make Onion Addresses Meaningful To Humans
On 2012-02-24, Andreas Krey a.k...@gmx.de wrote:

Which node interprets the .onion names to hashes, anyway?

Tor clients themselves interpret hidden service hostnames, so every Tor client would need to include every dictionary. (Dictionaries couldn't be kept in an optional extra package, because clients which do not have a particular dictionary would be easily distinguishable from those which do have it.)

Robert Ransom
Re: [tor-talk] Let's make Onion Addresses Meaningful To Humans
Well... According to the onion wiki, the length of the onion address is 80 bits. The largest number the onion address can get is:

1208925819614629174706175

That's because FF:FF:FF:FF:FF:FF:FF:FF:FF:FF is the largest number (unsigned) in hex for 80 bits key length.

If we assume we have a dictionary that has 50K words, the maximum number of words in the onion address will be 6 words.

WolframAlpha link:
http://www.wolframalpha.com/input/?i=1208925819614629174706175++convert+to+base+5

For a 100K words dictionary, it will be 5 words
http://www.wolframalpha.com/input/?i=1208925819614629174706175++convert+to+base+10

The average length of a word in English dictionary is 5.1 characters according to this
http://www.wolframalpha.com/input/?i=average+english+word+length

The larger number of words in a dictionary we use, the shorter the address we get.

The end result will be something like this:

x-x-x-x-x.onion

On Fri, 2012-02-24 at 15:03 +0100, Andreas Krey wrote:

On Fri, 24 Feb 2012 13:36:45 +, Robert Ransom wrote:

...

Which languages do you want us to ship a dictionary for in every Tor client? (Please specify the exact dictionaries you want us to use as well.)

Left as an exercise for later.

How large are these dictionaries (in bytes)?

The last one I tried is 16655 words, 91445 bytes (null-terminated strings).

...

Have you tried this using the actual dictionaries that you want us to use? Are the resulting addresses really memorable?

goric-edema-Alces-rune-pan-coost
feign-crig-plane-tret-balli-chela

= Slightly. (I admit that I did not look up what base the *.onion names are in, so the number of bits and thus words may be off.)

How long are the resulting addresses?

Longer, of course.

Can they be entered into a computer as efficiently as addresses in the current format?

Depends on the meaning of 'efficient'. Being longer it's more obvious work to type, but...

Can a human proofread addresses in this form for errors as efficiently as addresses in the current format?

...easier to proofread or spell over the phone. But then, the proofread part may be eased by adding a few minus signs into the usual onion names just as well.

That said, the real problem is deployment of anything like this.

Andreas
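Added example, not part of the original thread and not any poster's code: the round trip from Ahmed Hassan's proposal (base-32 label, to an integer, to digits in base max(D*), to words, and back), together with the word counts worked out in the message above. The word list is a constructed 4096-entry stand-in for D*, the function names are hypothetical, and padding every name to a fixed number of words and rejecting values over 80 bits are assumptions added here so that decoding is unambiguous.

```python
import base64

ONION_BITS = 80  # address length given in the thread

# Constructed stand-in for the dictionary D*: 4096 lowercase words.
CONS, VOWELS = "bdfghjklmnprstvz", "aeio"
WORDS = [a + b + c + d for a in CONS for b in VOWELS
         for c in CONS for d in VOWELS]
INDEX = {w: i for i, w in enumerate(WORDS)}  # D*_{word} -> position N


def words_needed(dict_size, bits=ONION_BITS):
    """Smallest k with dict_size**k >= 2**bits, using integers only."""
    k, span = 0, 1
    while span < (1 << bits):
        span *= dict_size
        k += 1
    return k


def to_digits(value, base, width=1):
    """Digits of value in `base`, most significant first, zero-padded."""
    digits = []
    while value:
        value, d = divmod(value, base)
        digits.append(d)
    digits += [0] * (width - len(digits))
    return digits[::-1]


def _label(name):
    name = name.lower()
    return name[:-6] if name.endswith(".onion") else name


def onion_to_words(name):
    label = _label(name)
    if len(label) != 16:
        raise ValueError("expected a 16-character onion label")
    # b32decode raises ValueError on characters outside a-z2-7
    value = int.from_bytes(base64.b32decode(label.upper()), "big")
    # Fixed width: an address with leading zero digits keeps its word count.
    digits = to_digits(value, len(WORDS), words_needed(len(WORDS)))
    return "-".join(WORDS[d] for d in digits) + ".onion"


def words_to_onion(name):
    parts = _label(name).split("-")
    if len(parts) != words_needed(len(WORDS)):
        raise ValueError("wrong number of words")
    value = 0
    for part in parts:
        if part not in INDEX:
            raise ValueError("unknown word: " + part)
        value = value * len(WORDS) + INDEX[part]
    # 7 words of 12 bits carry 84 bits, so some sequences map to no address.
    if value >> ONION_BITS:
        raise ValueError("words encode more than 80 bits")
    raw = value.to_bytes(ONION_BITS // 8, "big")
    return base64.b32encode(raw).decode().lower() + ".onion"


if __name__ == "__main__":
    print(to_digits(2025107508922, 51236))  # the number worked in the thread
    print([words_needed(n) for n in (50000, 100000, 67843, 16655)])
    name = onion_to_words("3g2upl4pq6kufc4m.onion")
    print(name, "->", words_to_onion(name))
```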
Re: [tor-talk] Let's make Onion Addresses Meaningful To Humans
On Fri, 24 Feb 2012 17:47:30 +, Eugen Leitl wrote:

...

What's wrong with a P2P name resolution? E.g. namecoin?

Everything. :-) Primarily the fact that namecoin provides name-ipaddr mapping, and the whole point of *.onion is that the service addressed is *not* identified by an IP address.

Andreas

--
Totally trivial. Famous last words.
From: Linus Torvalds torvalds@*.org
Date: Fri, 22 Jan 2010 07:29:21 -0800
Re: [tor-talk] Let's make Onion Addresses Meaningful To Humans
Not correct; Namecoin supports mapping names to Tor hidden services, as well as I2P and Freenet sites. Obviously you need to use a Namecoin implementation that's a proxy instead of a DNS server, but that's not a big deal (nmcsocks already implements this).

On 2/24/2012 3:22 PM, Andreas Krey wrote:

On Fri, 24 Feb 2012 17:47:30 +, Eugen Leitl wrote:

...

What's wrong with a P2P name resolution? E.g. namecoin?

Everything. :-) Primarily the fact that namecoin provides name-ipaddr mapping, and the whole point of *.onion is that the service addressed is *not* identified by an IP address.

Andreas
Re: [tor-talk] Let's make Onion Addresses Meaningful To Humans
Similar ideas came up in the past. Last year I implemented something along those lines as part of my Bachelor's thesis, but I wasn't fully satisfied with the results. Still, maybe my work is useful to you or someone else:

http://www.sinic.name/docs/bachelor.pdf

The most interesting part for you is probably chapter 2, the analysis.

--
Simon Nicolussi, si...@sinic.name
http://www.sinic.name/