[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Proposal for PoW DoS defenses during introduction (was Re: Proposal 305: ESTABLISH_INTRO Cell DoS Defense Extension)

To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-dev] Proposal for PoW DoS defenses during introduction (was Re: Proposal 305: ESTABLISH_INTRO Cell DoS Defense Extension)
From: Aaron Lye <lye@xxxxxxxxxxxxxxxxxx>
Date: Thu, 13 Jun 2019 13:28:00 +0000
Autocrypt: addr=lye@xxxxxxxxxxxxxxxxxx; prefer-encrypt=mutual; keydata= mQINBFsfv7QBEADCvKlVA0ipBYOXNAyZtKI2JGPHLQk9Lye0wu+dpOQ4fekS651YNGDLfjt7 FHuUf+MizBUUH73vv2o6GDuxGcR3Y86AxE/cUEwL2SCpf+NjT5c6aCAR8R4Qn3RzYWrtx08D qehLEQECv/XVKFNgu3cWAiEHtCH9QXawAcTz/L1UH2R/9BwmRFMtnncHPZNT+5tKMLlHmQKA Oj8wfKN0/+l5dA3bPYt81txWo3NpkOjjrYb57BrubS8exXgwAv/cvKqNCNfKNZ/5o1BUCXA3 wWuCI0gPzw9khc35f74wMyiRwA/bI++7qM7ImjNKQrGIeY842oGubz8wRuqKWfMq2JODSS65 l8+o3Q812O1F5aVRanI/vDI/fUhVZYXFBsZEzDqJ72PLl1Xg4T440fhxqMrNc+wFfVeGKjyx xHQWOXbOj6ZDpu7TG9FseMFzM1z8S9vdugEUzjdxCQd9bgVAFfCnjKNQaAaHw4bpIxcgpD25 /HewgXnlf63r2DNd42x8QamsNUfw7sOc+SCLCh6iFIhgsO86+N9AkQ9PXEdQukOF6ceYMKez CXIBISclgaTmMNBrufz9+taJyoECXHsinZwbyL+mDq4cfzPe3IpD1X1XFNjFLXRopvfdtctL nw59SNPhA26AAX7aeXm7qwghZvtXldYdYLfeEsQVtiQF1r7IbQARAQABtCJBYXJvbiBMeWUg PGx5ZUBtYXRoLnVuaS1icmVtZW4uZGU+iQJUBBMBCAA+FiEEVLWdCyEoApxiJKI0vpPNqzkp +kIFAlsfv7QCGyMFCQlmAYAFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQvpPNqzkp+kJK 6Q/9EzwRePZFA80WsFTS+Vbn/f5BE2TuenTydM/ScxMHK4jiG1SDsMA4sKTiUErrbdbMTUug fYKWqBc3IpNHd7zBAKO0scUydya6yT7oNYJyHAa7pz++VA4H9RjagbnVTdcTOpH9p4o+dG7B FD6MK103ZUdJYsu8FJxgIUY38V2gFZcOgzuF5bhvBCGkDCgIpmdC88IOBs2p/iivRpg0a+2Y vPWeR0Q7aDtdLiY7PEGfrw1smr7HU6MYuuE8SLM4JeZt6QYs9yQGWx8WQ853jZWsrayg5lwt BHFhmoZSRaaEd02ilN1oiCzzO5GnSbb0nrR06oSNyLHnoDh2/LfpWrLunSk/aHdC2LIbm3GB dTjEd2GE64YapRbeK1OLfRg3fGn0HALr/q3Li0YlKsFaj3vDhVUv3OFfnl9Wfr8uB3lP/Dft kPg+RtbK5Ixrd89oX4HQy5rHfURcC9vfnpTfMCMqdU8/ja5wOOLTkkKyi2CTKuLnkGzZXuSh xjBITBHLwd+ORIXV2OIumS5ZscviIkho/LPLMl4pzETpZ7jz796c4chCUsDZnMWZH7W67WDZ IPRh6zA9Muk0XzCVgPL4N7LQqOTGhJnZUNjHd28eFtRezsrkw42P+mbsa9SjtWTFThP/zi8h gQujCQ1znRdIGKzleicMdLVRrkKZeV7ONKxeqHG5Ag0EWx+/tAEQAPcpj0RLcwYIT2s0m3bc K+6yps7EShti7r75hEYinsFkkd1TCrZ3M0t0Y17p9zGl1jXPUTfQuXKcz1EQ4KllUIw3o3yN XlepoZc5WdrCCwBWduTSfYxD4YFZE8SyVZD+SmO9pxn3z1WuyAUyRfB3H3bfWu+G96E3vlHj oIjB+sROra2po+nUesjeKb+4NuTCjPjWNdB4JTNGqn7dMhd7fS6BzwOUoyRwFl1Q+ZOalbcw pSGxAUCFysKqBI2EJdCx//b/B0JZSV7TiBzYsWlXqr1B9AOITujcWpWZ0qgbBwpcSztRv7sv /DEtdqyqmjYsNwA8droqP6eKpYpBsZpNBfD4Urk8lPmWsQcZ4KbrVfdAboyGL4B6OsMvVnzr sXz1l3CVQNg6Gdp6+Ev/GF0HkNNfeLW8UwPJqY56SMLHhesJF58AQgdRz/BceuLT+Cyxctst Nr3QuvPNH2TUaeYImzMwMwN7Z70MyLBQqlYnAC96nDAae34nywVe8yUmblre/J4Dw7NoDWJ4 uwszOeNJmgg/ouaTu6fyBd07wesVqQtzjaXJF/s7IxCKa9rHwHDE0LH1XSgHs+wVynq971Kc pjGQasgT0uXsb5nDd9XqRuzKYm4PUU5kF2Y6Uu9dFdzBEJDgWvto+FZNUPH2sNm7Gq/g3jtc c4xPReyqxTsZM1aDABEBAAGJAjwEGAEIACYWIQRUtZ0LISgCnGIkojS+k82rOSn6QgUCWx+/ tAIbDAUJCWYBgAAKCRC+k82rOSn6QoCMEACBK+epVh0ipzv+fkE72risSGZDKJjQwvB8gmLo yjEY3c3U2zQvTC/bXH6vGlGIXFIH7iU8wtkddHCZNVFcB8w9XkJehJq3E1/pqLJFMDp1itSG cBgYIQX0N/yCGp3V43QAwWdMdtuNFHEYI+RWVsQbbShib+xaIA7Lgdffdbbmw4Yrg0D5NQQe lEoHicw5zY23tBkNxovjR+I8qFra/HSFYnbAN8Gyor9GyOfIV6Cwy2HmKM3W476suvlC5Rc1 tP/sG5pM+V8U/jfCUn+wCBHxpigOzks6J+pbQegN0hTqbpauu96fRChoGsuKC8zbmc63/3G6 gr6Mw9SGki7w41VC2ag0EcksRHD5o3INgWp7U8i+BA2aUkTITu3dlUPFfYYr/6RqEWOeBDQX ZYRnatdbdULIWAIv6NOLUNVwo6X8ffWmLnD1yePH5taHJB5DHBhR2XL75NKhLOdfwBVyE/bb dlW3n4jR4qHfw0D1eBUzV0+6hpG/EeqEtgzlFYAhVryd//RUpUra11xaaTb+rmr2IuvO/U5q 16iQ5XAqXVdrLS1Hbcg4vw9pyObrcNF/Bx/R2imIegthajRCclel9JevsNMPbuSZtLVcPFq7 3eAiFEkmiPmiPxmlb9253As851nYdeNTWOsawjPUR5YKp5N2mr/fLmetzj9TbPlviX8LOg==
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 13 Jun 2019 09:28:39 -0400
Dkim-signature: v=1; a=rsa-sha256; c=simple/simple; d=uni-bremen.de; s=dkim; t=1560432506; i=@uni-bremen.de; bh=j+8px040q/yqYc+0opF9i9OGWnxik56u0ZzwVmM7I2M=; h=To:References:From:Date:In-Reply-To; b=LXI1g0zskZDp6J3npw23d3usJMbq/Vb3pEG0o46Yawu4AXNwGMXkfwx7dUKozYbVp xm0d0Pwc28D/6Lu2oGnJcWiAPV5XioJa99XFPh893OsOm1U2BsaR6KbTyCnUS7Sk+M /gdLCmpliWvOS9Cd7Y2l9Y2gfTUBtqgSHWq5g2Qk=
In-reply-to: <87h88trdjn.fsf@riseup.net>
List-archive: <http://lists.torproject.org/pipermail/tor-dev/>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
Openpgp: preference=signencrypt
References: <20190612121833.GA11139@raoul> <87zhmn0yg4.fsf@riseup.net> <515aa1fd-8952-cbef-6863-6e8830f2676b@avanix.es> <87h88trdjn.fsf@riseup.net>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>

George Kadianakis:
>>      2.Client computes POW.
>>      Do{
>> Generates random 8 bytes key (ClientKey).
>> Generates hash(sha512/256 or sha3??) of
>> hash(IPKey + ClientKey)
>> } while (hash does not start with "abcde")
>>
> 
> That looks like a naive PoW scheme. It would perhaps be preferable to
> try to find a GPU/ASIC-resistant or memory-hard PoW scheme here, to
> minimize the advantage of adversaries with GPUs etc.?  Are there any
> good such schemes?

It may be worth looking at Argon2 [1] which is designed to maximize the
cost of password cracking on ASICs based on memory-hard functions.
A different approach is the input-dependent use of several different
hash functions (cf. e.g. [2]).

[1] https://www.cryptolux.org/images/0/0d/Argon2.pdf
[2] https://www.pascalcoin.org/storage/whitepapers/RandomHash_Whitepaper.pdf

> Also services should definitely be able to configure the difficulty of
> the PoW, and IMO this should again happen through the descriptor.

yes

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

References:
- [tor-dev] Proposal 305: ESTABLISH_INTRO Cell DoS Defense Extension
  - From: David Goulet
- Re: [tor-dev] Proposal 305: ESTABLISH_INTRO Cell DoS Defense Extension
  - From: George Kadianakis
- Re: [tor-dev] Proposal 305: ESTABLISH_INTRO Cell DoS Defense Extension
  - From: juanjo
- [tor-dev] Proposal for PoW DoS defenses during introduction (was Re: Proposal 305: ESTABLISH_INTRO Cell DoS Defense Extension)
  - From: George Kadianakis

Next by Author: Re: [tor-dev] Proposal for PoW DoS defenses during introduction (was Re: Proposal 305: ESTABLISH_INTRO Cell DoS Defense Extension)
Previous by thread: [tor-dev] Proposal for PoW DoS defenses during introduction (was Re: Proposal 305: ESTABLISH_INTRO Cell DoS Defense Extension)
Next by thread: Re: [tor-dev] Proposal for PoW DoS defenses during introduction (was Re: Proposal 305: ESTABLISH_INTRO Cell DoS Defense Extension)
Index(es):
- Author
- Thread