In order to enable cables communication users (which includes Liberté Linux users) to communicate with each other stealthily, a user is assigned a persistent e-mail address that looks as follows:
The user part of the address is a 32-character 160-bit SHA-1 cryptographic hash representation of user’s master certificate fingerprint (the SHA-1 of a self-signed CA certificate encompassing an RSA-8192 public key).
The host part is the transport layer-dependent permanent hidden service ID.
For Tor, which is the primary transport layer
supported by cables communication, it is a 16-character Base32 representation
of a half of Tor’s hidden service RSA-1024 public key fingerprint
(an 80-bit part of SHA-1 cryptographic hash),
.onion domain suffix. For I2P, it is a
52-character Base32 encoding of eepSite’s ElGamal-2048 public key SHA-256
fingerprint, with a
In this way, message security (inability of the attacker to reveal the message contents) is independent of the transport layer security (inability of the attacker to reveal the contents of network traffc and the location of correspondents). This is important because, at present, Tor appears to disallow “too much” security by design:
It therefore wouldn’t be wise to rely on Tor’s (or any other OR-like network, for that matter) transport layer security exclusively for privacy of highly sensitive communication. The Tor and I2P networks are, however, nevertheless useful as location obfuscation mechanisms.