[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Hash Visualizations to Protect Against Onion Phishing



On Thu, 20 Aug 2015 11:00:51 -0400
Ian Goldberg <iang@xxxxxxxxxxxxxxx> wrote:

> On Thu, Aug 20, 2015 at 02:41:51PM +0000, Yawning Angel wrote:
> > What would be useful here is the number of onion addresses an
> > average user visits.  If it's small, something like this would
> > probably be sufficient:
> > 
> >  0. Browser generates/stores a long term salt.
> > 
> >  1. On onion access, calculate SHAKE(salt | onion address) map that
> > to a poker hand (5 card draw).
> > 
> >     P(52,5) = 311,875,200
> >     C(52,5) = 2,598,960
> > 
> >  2. Goto 1.
> 
> The per-browser salt is a good way to prevent similar-hash attacks,
> but of course will go astray if the user reinstalls her Tor Browser
> or has multiple devices.

Yeah, that's a downside.  I suspect it can be fairly short but I don't
have a solid basis for that suspicion, and it also provides the
property of being able to semi-arbitrarily increase the brute forcing
difficulty at a latter date.

> I'd caution about the poker hand, though.  One year when I taught
> first-year undergraduate CS, we included an assignment that had to do
> with decks of cards and card games.  A surprising number of people had
> never seen decks of cards before, and were unfamiliar with the
> concept. I did not observe whether the (un)familiarity was correlated
> with what part of the world they came from.

It was a hypothetical example.  If we're willing to go with the visual
equivalent of key poems (which is what my suggestion roughly
corresponds to) with a per-client secret to prevent brute forcing, then
there's no reason why we couldn't let the user choose a visual
representation they're most comfortable with.

(My initial example was going to use mahjong tiles. >.>)

> Perhaps a notification "You've never visited this site before" that
> pushes down from the top like some other notifications might go a long
> way?

People would likely complain about storing "did access foo.onion in the
past" type information to disk.  I could argue for/against "well, use a
per-client keyed bloom filter, false positive rate!!!!", but depending
on the adversary model, people will probably (rightfully) be uneasy at
the thought of persisting even that.

The moment people are willing to store "I accessed this onion in the
past", I'm inclined to think "this is functionally equivalent to the
user bookmarking said onion".

Regards,

-- 
Yawning Angel

Attachment: pgpzg_fKkxHjn.pgp
Description: OpenPGP digital signature

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev