[messaging] Are vanity onion domains a good idea?
Natanael
natanael.l at gmail.com
Fri Oct 23 14:48:48 PDT 2015
On 23 Oct 2015 23:10, "Philipp Winter" <phw at nymity.ch> wrote:
>
> The Tor network uses self-authenticating names for onion services, e.g.,
> 3g2upl4pq6kufc4m.onion. These onion domains are difficult to recognise
> and remember, which is one reason why some onion service providers
> started generating vanity domains. The idea is to keep generating key
> pairs until the hash's prefix contains a desirable string. Facebook got
> a pretty good one with facebookcorewwwi.onion.
>
> Attackers have now started to impersonate onion services by generating
> onion domains whose prefix resembles the original. An example is
> DuckDuckGo's search engine:
>
> Original:      3g2upl4pq6kufc4m.onion
> Impersonation: 3g2up5afx6n5miu4.onion
>                ^^^^^
> Users who encounter an impersonated onion domain might mistakenly assume
> it's the original because they recognise the prefix. I worry that this
> kind of phishing attack is particularly effective against vanity onion
> domains because they might incentivise users disproportionately to only
> verify the easily recognisable prefix.
>
> As a result, I wonder if vanity onion domains raise more problems than
> they solve. Should onion domain generation be made deliberately slow to
> render vanity onion domains and phishing attacks impractical? Should we
> provide browser-based tools to manage onion domains instead of treating
> them like normal, memorable domains?
>
> Thoughts?
They're representations of public keys. Treat them like all other
representations of public keys. Don't expect the user to remember them
exactly. Use bookmarks, phishing protected authentication (U2F / UAF), be
careful with your sources.
- Sent from my tablet
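As an added illustration (not code from either poster), here is a small Python check that applies Natanael's advice of treating an onion address as a public-key fingerprint: it compares a candidate against a bookmark list and reports the prefix-only lookalike pattern Philipp describes, and it estimates the brute-force cost of a chosen prefix. The bookmark list, the "recognisable" threshold of 4 characters, and the uniform-hash assumption behind the cost estimate are all assumptions made for this example.

```python
import re

# Constructed bookmark list; the DuckDuckGo address is the one quoted in the thread.
BOOKMARKS = {
    "DuckDuckGo": "3g2upl4pq6kufc4m.onion",
}

# v2 onion names as discussed in the thread: 16 base32 characters plus ".onion".
ONION_V2 = re.compile(r"^[a-z2-7]{16}\.onion$")

# Assumed threshold: this many matching leading characters is what a user
# is likely to "recognise" and stop checking at.
RECOGNISABLE_PREFIX = 4


def shared_prefix_len(a: str, b: str) -> int:
    """Length of the common leading run of characters of two strings."""
    n = 0
    for x, y in zip(a, b):
        if x != y:
            break
        n += 1
    return n


def classify(candidate: str, bookmarks=BOOKMARKS) -> dict:
    """Relate a candidate onion address to the bookmark list.

    'exact'     -> whole address matches a bookmark (the only safe outcome)
    'lookalike' -> only a prefix matches: the impersonation pattern from the thread
    'unknown'   -> no bookmark shares a recognisable prefix
    'malformed' -> not a v2 onion name at all
    """
    cand = candidate.strip().lower()
    if not ONION_V2.match(cand):
        return {"verdict": "malformed", "match": None, "shared": 0}
    best_name, best_shared = None, 0
    for name, addr in bookmarks.items():
        if cand == addr:
            return {"verdict": "exact", "match": name, "shared": len(addr)}
        s = shared_prefix_len(cand, addr)
        if s > best_shared:
            best_name, best_shared = name, s
    if best_shared >= RECOGNISABLE_PREFIX:
        return {"verdict": "lookalike", "match": best_name, "shared": best_shared}
    return {"verdict": "unknown", "match": None, "shared": best_shared}


def expected_keypairs(prefix_len: int) -> int:
    """Expected key generations needed to hit a chosen base32 prefix of this
    length, assuming the address bits are uniformly distributed: 32 ** prefix_len.
    A 5-character prefix (as in the DuckDuckGo example) costs about 33 million
    tries; the full 16 characters would cost 2**80."""
    return 32 ** prefix_len
```

Only the "exact" verdict should be trusted; a "lookalike" result is exactly the case where a user who checks just the memorable prefix would be fooled.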