FairPretender: Pretend to be any hidden service in passive mode
This flaw in the Tor protocol makes it possible to re-sign any Hidden Service descriptor with one's own private key. An adversary who does so can upload the re-signed descriptor to the HS Directory and act as a frontend to the hidden services whose Introduction Point data has been re-signed. They can spread the .onion address of their frontend Hidden Service over the Internet as if it were the real one (phishing) and then perform a DoS attack on the chosen Hidden Services, or redirect traffic to replicas they control and perform a Man-in-the-Middle attack.
This is just a brief explanation. For more info, see the attached paper.
I have an idea of how to fix this by introducing a "backward permanent key signature": https://github.com/mark-in/tor/tree/backward-permkey-signature https://github.com/mark-in/torspec/tree/backward-permkey-signature
It would be great to hear more ideas from you on how to fix it better.
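As an added illustration (not the author's patch and not Tor's own code), the Go program below models the flaw and the idea of a backward permanent-key signature: a client that verifies only the outer descriptor signature accepts introduction-point data re-signed under another key, while a client that also requires the introduction-point section to be signed by the looked-up permanent key rejects it. The Ed25519 keys, the address derivation and the descriptor layout are simplifying assumptions, not Tor's real descriptor format.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// Descriptor is a constructed, simplified model of a hidden-service descriptor (Ed25519 and the layout are assumptions).
type Descriptor struct {
	PermanentKey ed25519.PublicKey // the .onion address is derived from this key
	IntroPoints  []byte            // introduction-point section, which the attack copies verbatim
	IntroSig     []byte            // proposed fix: IntroPoints signed by the service's own permanent key
	DescSig      []byte            // outer descriptor signature by PermanentKey over the fields above
}
// OnionAddress is a constructed shorthand for deriving the address from the permanent key.
func OnionAddress(pk ed25519.PublicKey) string {
	sum := sha256.Sum256(pk)
	return fmt.Sprintf("%x.onion", sum[:8])
}
func (d Descriptor) body() []byte { return bytes.Join([][]byte{d.PermanentKey, d.IntroPoints, d.IntroSig}, nil) }
// Publish builds and signs a descriptor under priv; introSig is nil for a legacy descriptor.
func Publish(priv ed25519.PrivateKey, intro, introSig []byte) Descriptor {
	d := Descriptor{PermanentKey: priv.Public().(ed25519.PublicKey), IntroPoints: intro, IntroSig: introSig}
	d.DescSig = ed25519.Sign(priv, d.body())
	return d
}

// VerifyLegacy is the check the post calls insufficient: address and outer signature match the key, but nothing ties IntroPoints to it.
func VerifyLegacy(addr string, d Descriptor) bool {
	return OnionAddress(d.PermanentKey) == addr && ed25519.Verify(d.PermanentKey, d.body(), d.DescSig)
}

// VerifyBound adds the backward permanent-key signature: the intro-point section must be signed by the key the client looked up.
func VerifyBound(addr string, d Descriptor) bool {
	return VerifyLegacy(addr, d) && ed25519.Verify(d.PermanentKey, d.IntroPoints, d.IntroSig)
}

func main() {
	_, servicePriv, _ := ed25519.GenerateKey(nil) // nil reader means crypto/rand
	_, otherPriv, _ := ed25519.GenerateKey(nil)
	intro := []byte("intro-point section (constructed)")
	genuine := Publish(servicePriv, intro, ed25519.Sign(servicePriv, intro))
	lifted := Publish(otherPriv, genuine.IntroPoints, genuine.IntroSig) // same intro points, another key
	addr := OnionAddress(lifted.PermanentKey)
	fmt.Println(VerifyLegacy(addr, lifted), VerifyBound(addr, lifted)) // prints: true false
}
```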