[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #15186 [Tor]: Can we do HSDesc fetches using PIR, so HSDir can't learn popularity?

Subject: Re: [tor-bugs] #15186 [Tor]: Can we do HSDesc fetches using PIR, so HSDir can't learn popularity?
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Sat, 23 Jan 2016 12:12:25 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 23 Jan 2016 07:12:35 -0500
In-reply-to: <051.1c5f37617f5a80efc1ab7c8a7f83b201@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <051.1c5f37617f5a80efc1ab7c8a7f83b201@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#15186: Can we do HSDesc fetches using PIR, so HSDir can't learn popularity?
---------------------------------------+------------------------------
 Reporter:  cypherpunks                |          Owner:
     Type:  enhancement                |         Status:  assigned
 Priority:  Medium                     |      Milestone:  Tor: 0.2.???
Component:  Tor                        |        Version:
 Severity:  Normal                     |     Resolution:
 Keywords:  027-triaged-1-out, tor-hs  |  Actual Points:
Parent ID:                             |         Points:
  Sponsor:                             |
---------------------------------------+------------------------------

Comment (by teor):

 In Proposal 224, the HSDir can only decrypt the descriptor if it already
 knows the hidden service's address. So that's a partial solution to this
 ticket, which makes the cost of this attack higher. (The HSDir has to try
 to decrypt each descriptor with each known address.)

 We could do better by having clients ask for N > 1 descriptors, or all
 descriptors, but that is likely to have too high a bandwidth cost.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/15186#comment:13>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #15621 [Tor]: Kill the pre-version 3 intro protocol code with fire.
Next by Author: Re: [tor-bugs] #10767 [Tor]: Override geoip relay location with declared location
Previous by thread: Re: [tor-bugs] #15186 [Tor]: Can we do HSDesc fetches using PIR, so HSDir can't learn popularity?
Next by thread: Re: [tor-bugs] #12661 [Tor]: Some directory authorities reject IP ranges long after we ask them to stop (was: "Authdir is rejecting routers in this range.")
Index(es):
- Author
- Thread