[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Proposal: Merging Hidden Service Directories and Introduction Points

To: Michael Rogers <michael@xxxxxxxxxxxxxxxx>
Subject: Re: [tor-dev] Proposal: Merging Hidden Service Directories and Introduction Points
From: George Kadianakis <desnacked@xxxxxxxxxx>
Date: Thu, 20 Aug 2015 20:23:01 +0300
Cc: tor-dev@xxxxxxxxxxxxxxxxxxxx
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 20 Aug 2015 13:23:20 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak; t=1440091385; bh=8t6BlokbM56joKQZY5JyysHQGJtKbkSI8MnzJPBdoTY=; h=From:To:Cc:Subject:In-Reply-To:References:Date:From; b=BF6GybSEYR/LAAXjpFnSeCZYGrjiCrO9M7yIIghXxNoH+ZfchS9legHRAlbXxZa1u aIhFlz71X2DOYutAXAyLfCExEtyvXGMNh5bq3mlPPVVeWIxqXNVJb9KPpQcObs4h6p J02T5bSsD6+aNPkCKj64lmi6h2YErOUGotCDYp78=
In-reply-to: <55D4FCC3.2050807@xxxxxxxxxxxxxxxx> (Michael Rogers's message of "Wed, 19 Aug 2015 23:01:39 +0100")
List-archive: <http://lists.torproject.org/pipermail/tor-dev/>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
References: <579280DB-86DE-489D-89F6-BB139C2DDFC1@xxxxxxxxxxxxxxxx> <55D4FCC3.2050807@xxxxxxxxxxxxxxxx>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Microsoft Outlook Express 6.00.2900.5843

Michael Rogers <michael@xxxxxxxxxxxxxxxx> writes:

> On 12/07/15 22:48, John Brooks wrote:
>> 1.3. Other effects on proposal 224
>> 
>>    An adversarial introduction point is not significantly more capable than a
>>    hidden service directory under proposal 224. The differences are:
>> 
>>      1. The introduction point maintains a long-lived circuit with the service
>>      2. The introduction point can break that circuit and cause the service to
>>         rebuild it
>
> Regarding this second difference: the introduction point (cooperating
> with a corrupt middle node) could potentially try to discover the
> service's guard by repeatedly breaking the circuit until it was rebuilt
> through the corrupt middle node. Would it make sense to use vanguards
> here, as well as on rendezvous circuits?
>

Hello,

currently we address this intro point guard discovery attack by having hidden
services retry only 3 times. After those 3 times, they ditch that intro point
and pick another one.

That said proposal 247 suggests that hidden services use vanguards for both
rendezvous and introduction point circuits anyway.

Take care!
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Follow-Ups:
- Re: [tor-dev] Proposal: Merging Hidden Service Directories and Introduction Points
  - From: s7r

References:
- Re: [tor-dev] Proposal: Merging Hidden Service Directories and Introduction Points
  - From: Michael Rogers

Prev by Author: Re: [tor-dev] Hash Visualizations to Protect Against Onion Phishing
Next by Author: Re: [tor-dev] [RFC] On new guard algorithms and data structures
Previous by thread: Re: [tor-dev] Proposal: Merging Hidden Service Directories and Introduction Points
Next by thread: Re: [tor-dev] Proposal: Merging Hidden Service Directories and Introduction Points
Index(es):
- Author
- Thread