[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-dev] HSDir hash ring modification

To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-dev] HSDir hash ring modification
From: Kang <td66bshwu@xxxxxxxxx>
Date: Fri, 23 Aug 2013 23:01:26 +0930
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 23 Aug 2013 09:31:39 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=QgXN2epcTljY64wHQ1h+tZE+ryySyWmkFa9T+10VRCk=; b=HKXIB4uEI+4Bbzv2C4WdfeRdiRAm/ibXYaEKDRbp6Ou2Y53radrQi2RjvWFNILAkbY 7kTL5xXIB3+6wQ+dAoQa6Qg1dLv3GGp33RltAC4GE6BJfN9PO6zZLEt4D24IK/qJHyfW dewBUQyrDX8qIcslc3QKSI4CoJ+XgXMDqWDcVZMgfNgiSOaNy3BqW8fC+ZnFb86SKZkz FyB7qLTuvJIDcH+zH+8coOZF/dn7GokMY7YVZYGQ4PBn10jW4w8HWF+VAoGSFk2W/uKu Ess6ro+Qtuli+jORL2Sqp8FxKYFaYC/zmjkUu/i3PeYHF0xT/Hi7SR90Rz10NaQUPBiQ vZ+g==
List-archive: <http://lists.torproject.org/pipermail/tor-dev/>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>

Hello.
I was reading about hidden services and a thought occurred to me
regarding the hash ring used in choosing and determining the HSDirs
for a hidden service.
As far as I can tell the hash ring is more or less static since a
relay's position is determined by their identity key, which doesn't
change.
I'm also under the impression that the hash ring is only used for
calculation of HSDirs of hidden services.

I don't have a particular method in mind, but it seems to me that you
could use the "time-period" value that is used in calculation of the
service's descriptor-id to shuffle the ring.
This would cause the ring to be different for each hidden service, and
also make its order change periodically.
I imagine in particular it would make onion address enumeration
attacks more difficult, since an attacker wouldn't just be able to
"cast a net" over the ring for all services.

Can anybody see any problems or false assumptions with this?

Thanks
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Follow-Ups:
- Re: [tor-dev] HSDir hash ring modification
  - From: Nick Mathewson

Prev by Author: Re: [tor-dev] Torsocks 2.0.0-rc1 release
Next by Author: Re: [tor-dev] HSDir hash ring modification
Previous by thread: Re: [tor-dev] Searchable metrics archive - Onionoo-like API available online for probing
Next by thread: Re: [tor-dev] HSDir hash ring modification
Index(es):
- Author
- Thread