Karsten Loesing transcribed 1.6K bytes:
> On 09/01/17 21:59, isis agora lovecruft wrote:
> > I've patched BridgeDB (#21162) and added a file to blacklist these
> > bridges by fingerprint. However, looking at the onionoo results
> > which David originally pasted, the IP addresses are all different
> > (10.x.x.x) in onionoo for the ki bridges. Perhaps something is
> > wrong with onionoo's hashed-IP file thing?
>
> Not a bug, a feature
> (https://collector.torproject.org/#bridge-descriptors):
>
> > IPv4 addresses are replaced with 10.x.x.x with x.x.x being the 3
> > byte output of H(IP address | bridge identity | secret)[:3]. The
> > input IP address is the 4-byte long binary representation of the
> > bridge's current IP address. The bridge identity is the 20-byte
> > long binary representation of the bridge's long-term identity
> > fingerprint. The secret is a 31-byte long secure random string that
> > changes once per month for all descriptors and statuses published
> > in that month. H() is SHA-256. The [:3] operator means that we pick
> > the 3 most significant bytes of the result.

Aha! Got it. So the sanitised IP addresses are dependent upon the bridge
identity too, meaning that 3 distinct IP addresses running ~700 tor instances
appear in onionoo on ~700 different IP addresses and 22% of the bridges, when
in reality they're only 0.2%.

Best,
--
 ♥Ⓐ isis agora lovecruft
_________________________________________________________
OpenPGP: 4096R/0A6A58A14B5946ABDE18E207A3ADB67A2CDB8B35
Current Keys: https://fyb.patternsinthevoid.net/isis.txt
_______________________________________________
tor-project mailing list
tor-project@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-project
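
The sanitising rule quoted in the message above, as an added Python example (not CollecTor, Onionoo or BridgeDB code, and not from either author): it computes 10.x.x.x from SHA-256(IP | identity | secret)[:3] and counts how many sanitised addresses a few real hosts turn into. The host addresses, fingerprints, secret and helper names are constructed for illustration.

```python
import hashlib
import ipaddress

# Constructed 31-byte secret; the real one is secure random and changes monthly.
CONSTRUCTED_SECRET = bytes(range(31))


def sanitize_ipv4(ip: str, fingerprint_hex: str, secret: bytes) -> str:
    """Return 10.x.x.x with x.x.x = SHA-256(IP | identity | secret)[:3]."""
    ip_bytes = ipaddress.IPv4Address(ip).packed   # 4-byte binary address
    identity = bytes.fromhex(fingerprint_hex)     # 20-byte binary fingerprint
    if len(identity) != 20:
        raise ValueError("bridge identity must be 20 bytes")
    if len(secret) != 31:
        raise ValueError("secret must be 31 bytes")
    digest = hashlib.sha256(ip_bytes + identity + secret).digest()
    # [:3] keeps the 3 most significant bytes of the digest.
    return "10." + ".".join(str(b) for b in digest[:3])


def constructed_bridges(hosts, total):
    """Constructed sample: `total` bridge identities spread over `hosts`."""
    return [
        (hosts[i % len(hosts)],
         hashlib.sha1(f"constructed-bridge-{i}".encode()).hexdigest())
        for i in range(total)
    ]


def distinct_counts(bridges, secret):
    """Count distinct real addresses and distinct sanitised addresses."""
    real = {ip for ip, _ in bridges}
    sanitised = {sanitize_ipv4(ip, fp, secret) for ip, fp in bridges}
    return len(real), len(sanitised)


if __name__ == "__main__":
    hosts = ["192.0.2.1", "192.0.2.2", "192.0.2.3"]  # documentation range
    bridges = constructed_bridges(hosts, 700)
    real, sanitised = distinct_counts(bridges, CONSTRUCTED_SECRET)
    # The identity is part of the hash input, so instances sharing one host
    # still get unrelated sanitised addresses.
    print(f"{real} real addresses appear as {sanitised} sanitised addresses")
```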