[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Publishing sanitized bridge pool assignments

To: or-dev@xxxxxxxxxxxxx
Subject: Re: Publishing sanitized bridge pool assignments
From: Karsten Loesing <karsten.loesing@xxxxxxx>
Date: Wed, 2 Feb 2011 15:50:25 +0100
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-dev-outgoing@xxxxxxxx
Delivered-to: or-dev@xxxxxxxx
Delivery-date: Wed, 02 Feb 2011 09:50:37 -0500
In-reply-to: <AANLkTi=btap75khjx9nrC71Pna8MSF=CN7V1u=xJiBr3@xxxxxxxxxxxxxx>
References: <20110125111245.GA5739@xxxxxxxxxxxxxx> <20110131193700.GA3873@xxxxxxxxxxxxxx> <20110131200357.GR30949@xxxxxxxxxxxxxxxxxxxxx> <20110131205228.GA26222@xxxxxxxxxxxxxx> <AANLkTi=btap75khjx9nrC71Pna8MSF=CN7V1u=xJiBr3@xxxxxxxxxxxxxx>
Reply-to: or-dev@xxxxxxxxxxxxx
Sender: owner-or-dev@xxxxxxxxxxxxx
User-agent: Mutt/1.5.18 (2008-05-17)

On Mon, Jan 31, 2011 at 05:50:02PM -0500, Nick Mathewson wrote:
> On Mon, Jan 31, 2011 at 3:52 PM, Karsten Loesing
> <karsten.loesing@xxxxxxx> wrote:
> > On Mon, Jan 31, 2011 at 03:03:57PM -0500, Ian Goldberg wrote:
> >> Is there enough entropy in the things you're hashing to prevent
> >> reversing the hash?
> >
> > Well, I guess so.  We're hashing the bridge identity fingerprints.  From
> > dir-spec.txt:
> >
> >    "fingerprint" fingerprint NL
> >
> >       [At most once]
> >
> >       A fingerprint (a HASH_LEN-byte of asn1 encoded public key, encoded in
> >       hex, with a single space after every 4 characters) for this router's
> >       identity key.
> >
> > Does this mean we're safe here?
> 
> I think we're okay.  A censor could in theory correlate this with
> certificates, if it had them, but I think most automated certificate
> crawlers will wind up with link certs only, so the censor will need to
> do their own crawling to find bridges.
> 
> If we care a lot, we could instead have the sanitization process use
> some secret X and report H(X|H(ID key)) in place of H(ID key).

Your call.  If you think adding a secret X is important here, we can
change the process.  Note that this change affects all published sanitized
bridge descriptors, because they contain these hashed fingerprints, too.
We should be consistent with the fingerprints we put into bridge pool
assignments and bridge descriptors.  That doesn't exactly make this a
cheap change, because I'll have to sanitize two years of descriptors
again.  But if it's important, I can do it.

Speaking of sanitizing bridge descriptors, there's a related change to the
current sanitizing process discussed in Trac ticket #2435.  I'd really
like to hear your opinions to that ticket (either here or as comments to
the ticket), because that change is about preserving hashed IP addresses
in sanitized bridge descriptors:

  https://trac.torproject.org/projects/tor/ticket/2435

Thanks,
Karsten

Follow-Ups:
- Re: Publishing sanitized bridge pool assignments
  - From: Ian Goldberg
- Re: Publishing sanitized bridge pool assignments
  - From: Karsten Loesing

Prev by Author: Re: IPV6 address support on exit nodes
Next by Author: Re: Publishing sanitized bridge pool assignments
Previous by thread: Re: [tor-dev] xxx-draft-spec-for-TLS-normalization.txt
Next by thread: Re: Publishing sanitized bridge pool assignments
Index(es):
- Author
- Thread