Re: [tor-bugs] #26294 [Core Tor/Tor]: attacker can force intro point rotation by ddos

["Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>]

#26294: attacker can force intro point rotation by ddos
-------------------------------------------------+-------------------------
 Reporter:  arma                                 |          Owner:  asn
     Type:  defect                               |         Status:
                                                 |  assigned
 Priority:  Medium                               |      Milestone:  Tor:
                                                 |  unspecified
Component:  Core Tor/Tor                         |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  tor-hs, tor-dos, network-team-       |  Actual Points:
  roadmap-2019-Q1Q2                              |
Parent ID:  #29999                               |         Points:  7
 Reviewer:                                       |        Sponsor:
                                                 |  Sponsor27-must
-------------------------------------------------+-------------------------

Comment (by cypherbits):

 Replying to [comment:12 cypherpunks]:
 > My concern about a proof of work approach is it appears to open a back
 channel where a hidden service operator has influence over client
 behaviour. This could result in clients executing possibly rarely
 used/exploitable codepaths, or new correlation attacks. For example, the
 hidden service operator sets a requirement for a PoW that takes 1.21 KW to
 compute. The operator has also hacked in to an energy company with high
 resolution "smart" meters, then could sit back and watch as users login to
 the service.

 PoW should be a fixed value on the network consensus or hardcoded, if we
 want the HS to be capable of configuring it then we should limit the
 parameters. Thats it.

 ----------

 On the other hand I have two questions on the implementation and replay
 caches:

 -How does the replay cache works for INTRODUCE1 cells? The bug allowing
 for the same circuit to send many INTRODUCE1 should be closed years ago.

 -Why we actually rotate Introduction Points? and why we do it after x
 INTRODUCE cells and not based on a time, like each 24 hours?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/26294#comment:13>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs