[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Hidden Service Scaling



If the goal is to prevent introduction points from guessing the number
of instances because of multiple instances using the same introduction
points, shouldn't this scheme work?

1. On deployment, all instances of a hidden service have a copy of a
secret bitstring (maybe the private key for the hidden service, maybe an
additional secret) and the number of instances N. Every instance also
has a unique instance ID k in the range [0, N-1].

2. When selecting an introduction point, an instance only considers
candidates for which

hash(introduction-point-address || shared-secret) = k mod N.

With this system no two instances will ever connect to the same
introduction point, and it doesn't require any synchronisation between
the instances other than the initial instance ID assignation. But it
relies on there being enough potential introduction points for which the
equality holds.

This will also mean that an introduction point knows that it is always
being used by the same instance of a hidden service. If you want to
avoid this you could add the current day or hour or random time period
to the hashed value, but then you might get a collision when a new time
period begins.

Apologies if this has already been discussed.


--ll

Attachment: signature.asc
Description: This is a digitally signed message part

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev