[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Proposal 109: No more than one server per IP address [was Re: Sybil Attack Countermeasures]



It seems like the granularity of the node selection policy Tor can
implement to frustrate Sybils is partly a function of the size and
diversity of the Tor network.  As long as there are ORs on at least 3
different IPs, a /32 restriction can work (an OP can still build a
circuit); as the network grew, you could start doing /16.  As the
granularity of the policy coarsens, it becomes more difficult for Sybil
to succeed (she now has to have fingers in ever more distant pies).

Is autonomous system number a better indicator of network ownership than
host or network address?  Is it also more delightfully coarse?  Can the
current Tor network sustain such a policy (i.e., route only through
networks with distinct ASNs)?  Am I sniffing glue?


-- 
http://hemiolesque.blogspot.com/
http://www.noncombatant.org/