
Re: [tor-talk] Default clients to be non-exit relay LibTech x



On Wed, Aug 28, 2013 at 12:41:58PM -0700, Percy Alpha wrote:
> > Every client has to download the full list of relays ("consensus")
> > periodically. In areas with little connectivity, this already puts a
> > high burden on clients.
> 
> Griffin pointed out Tor could download only a portion of relays.

Done naively, this is a poor idea: if you fetch only a subset of
relays, and the adversary can learn or guess which subset you have,
then partitioning attacks can significantly degrade your anonymity. For
example, a middle relay sees the first and third relays, and then asks
itself which users have those three relays in their subset.

See http://freehaven.net/anonbib/#danezis-pet2008 plus the papers it
cites for details.

There are two plausible approaches to fetching a subset of the network
when it gets too big for every client to fetch all of it:

A) Use a DHT-like design to anonymize which relays you're learning about.
For background there, see
http://freehaven.net/anonbib/#wpes09-dht-attack
http://freehaven.net/anonbib/#ccs09-shadowwalker
http://freehaven.net/anonbib/#ccs09-torsk
http://freehaven.net/anonbib/#ccs10-lookup
and this line of papers sort of ran out of steam without producing a
crisp simple non-flawed design.

B) Fetch your subset anonymously through PIR:
http://freehaven.net/anonbib/#usenix11-pirtor

I'm inclined to prefer 'B', because it seems simpler, but maybe that's
only because nobody has fleshed out the actual engineering part of how
we'd deploy it.

> Now when I manually choose to serve as a relay, Tor automatically determines
> my bandwidth option (>1.5M). Tor can default to relay for large bandwidth
> users only.

You might like proposal 175:
https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/175-automatic-node-promotion.txt
Now all we need is somebody to do it.

Also, be sure to read
https://www.torproject.org/docs/faq#EverybodyARelay
In particular point 3 (more relays equals more sockets used on each relay)
and point 4 (there are anonymity attacks that get much easier when the
list of users is known). Especially point 4.

--Roger
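
The partitioning concern raised in the message above, quantified as an added simulation (not part of the original message and not Tor code). It assumes uniform random relay subsets, uniform path selection, and an observer who knows every client's subset; all function names and parameters are hypothetical.

```python
import math
import random

def sample_views(n_clients, n_relays, subset_size, rng):
    """Constructed model: each client learns a uniform random subset of relay ids."""
    return [frozenset(rng.sample(range(n_relays), subset_size))
            for _ in range(n_clients)]

def build_circuit(view, rng):
    """A client can only pick its three hops from the relays it knows about."""
    return tuple(rng.sample(sorted(view), 3))

def candidate_clients(views, circuit):
    """Clients whose subset contains all three relays of the observed path."""
    path = set(circuit)
    return [i for i, view in enumerate(views) if path <= view]

def expected_candidates(n_clients, n_relays, subset_size):
    """Sender plus the expected number of other clients knowing the same 3 relays."""
    p = math.comb(n_relays - 3, subset_size - 3) / math.comb(n_relays, subset_size)
    return 1 + (n_clients - 1) * p

def simulate(n_clients=5000, n_relays=1000, subset_size=100, trials=200, seed=1):
    """Mean anonymity-set size over random senders, each building one circuit."""
    rng = random.Random(seed)
    views = sample_views(n_clients, n_relays, subset_size, rng)
    total = 0
    for _ in range(trials):
        sender = rng.randrange(n_clients)
        circuit = build_circuit(views[sender], rng)
        total += len(candidate_clients(views, circuit))
    return total / trials

if __name__ == "__main__":
    full = expected_candidates(5000, 1000, 1000)   # every client has the full list
    part = expected_candidates(5000, 1000, 100)    # every client has 10% of it
    print(f"full consensus: {full:.0f} candidates ({math.log2(full):.1f} bits)")
    print(f"10% subsets:    {part:.2f} candidates ({math.log2(part):.1f} bits)")
    print(f"simulated mean: {simulate():.2f} candidates")
```

In this model, a client that knows only a tenth of the relays is hidden among a handful of candidates instead of all 5000, which is why the message points to DHT-like or PIR designs that hide which subset a client fetched.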
