How are "security levels" of identities in TeamSpeak 3 implemented?

A TeamSpeak identity is simply an ECC key pair for the NIST curve ECC-256 as generated by the libtomcrypt library, together with a counter value that is a 64-bit unsigned integer.

The security level makes use of a classical proof-of-work system.

Let PUBLICKEY be the base64-encoded string of the identity's ASN.1 DER encoded public key. Further, let COUNTER be the decimal ASCII-encoding of a 64-bit unsigned integer. Then the security level is defined as follows.

securitylevel := leadingzerobits(sha1(PUBLICKEY || COUNTER))

Consequently, the expected number of counter values that need to be tried to reach security level n is 2^n (under the assumption that SHA-1 is a uniform random function).

Note that in theory, the maximum security level could be 160 (as SHA-1 produces a 160-bit hash). However, the TeamSpeak client seems to set the limit artificially to 128. In practice, this makes no difference, as no one will ever reach a security level over 128 (unless another breakthrough in attacking SHA-1 happens).

Source: TSIdentityTool, which is an open source implementation of the identity and security level mechanisms.
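The formula in the answer above, as an added Python example (not code from TSIdentityTool or the TeamSpeak client) showing both the single-hash check a verifier performs and the counter search a client performs. The function names, the constructed sample key string and the MSB-first bit order within each byte are assumptions; the answer does not state the bit order.

```python
import base64
import hashlib

# Constructed stand-in for PUBLICKEY (not a real DER-encoded key).
SAMPLE_PUBLICKEY = base64.b64encode(b"constructed sample, not a real key").decode("ascii")


def leading_zero_bits(digest: bytes) -> int:
    """Zero bits before the first 1 bit; MSB-first per byte is an assumption."""
    bits = 0
    for byte in digest:
        if byte:
            return bits + 8 - byte.bit_length()
        bits += 8
    return bits


def security_level(public_key_b64: str, counter: int) -> int:
    """leadingzerobits(sha1(PUBLICKEY || COUNTER)), COUNTER as decimal ASCII."""
    if not 0 <= counter < 2**64:
        raise ValueError("counter must be a 64-bit unsigned integer")
    data = public_key_b64.encode("ascii") + str(counter).encode("ascii")
    return leading_zero_bits(hashlib.sha1(data).digest())


def meets_level(public_key_b64: str, counter: int, required: int) -> bool:
    """Verifier side: one hash, whatever the search cost was."""
    return security_level(public_key_b64, counter) >= required


def find_counter(public_key_b64: str, target: int, start: int = 0) -> int:
    """Prover side: linear search, about 2**target hashes expected."""
    for counter in range(start, 2**64):
        if security_level(public_key_b64, counter) >= target:
            return counter
    raise RuntimeError("counter space exhausted")


if __name__ == "__main__":
    counter = find_counter(SAMPLE_PUBLICKEY, 12)
    print(counter, security_level(SAMPLE_PUBLICKEY, counter))
```

A verifier should recompute the level from the presented key and counter rather than trust a level the client reports.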


The method that is used is based on hashcash. http://en.wikipedia.org/wiki/Hashcash

Hashcash is a proof-of-work system designed to limit email spam and denial-of-service attacks.

Source: http://forum.teamspeak.com/showthread.php/57988-Security-level-how-is-it-determined-increased-technical?p=257115#post257115


I can't tell for sure. But if you are looking for a similar feature I would implement it as follows: An ID contains a private and a public part (that's what TeamSpeak does). So I guess it's some async encryption key you can generate yourself.
Now just generate a sequence of numbers e.g. s = [1..n] and hash them.

As soon as the first M bits of the generated hash match the first M bits of the public key, you take it as a valid proof of work for the security level of M.

You needed n rounds of hashing to find the hash, but to prove it, the server must only hash the result s once and check how many bits match your public key. The difficulty for you will rise exponentially.

This is in fact similar to what Bitcoin does. But Bitcoin tries to get a certain number of zeros in front of the hash, and you don't hash a random number but the b-tree of the block you want to mine plus a nonce (random number).

From Teamspeak: Generate an ID e.g. IHoxfrQNl152vs80N4wYvsEmNd8= Export it to see the secret: e.g. 205VFy/YWQLyDeTxIIQvyy4hGQYxWloFH0R9VW4VRCxQHkcOdFdyX2YHMztQDQQeDA1gNG9Ce0N6CipVHkMie2lzX3ReRX4HFQhqFiB5FBQEEi0DVhhCUltiOE4GcmV2W3FkDX1OdXcrUUxwUUloQVBHRjYvM3EzWCtGeUpkRHlWTTFXZGh1VHJRZVA0Q3hMWE1ITXVxNlU1TTQ=

If you now increase the security, just the first part of the export changes. From 8 → 9 → 24 it gets from 205 to 247 to 520935.

My highest key has some number around 29147155819 at level 34.

I think this number will somehow hash to something that is related to my public key. So anyone can prove it with a single round of hashing, but my PC needed 29147155819 rounds of hashing to find it, which took quite a while ;)

Btw: The max security is 128, so I guess that's the length in bits of the public key.

I hope I was able to help - Tarion