
Re: [tor-talk] TOR peer-to-peer network



Aravindan B writes:

> > When I use the bridges which I got from the internet, it works, whereas
> > when I try to use my own IPs it's not working. Please let me know how to
> > proceed on this as I am stuck here for a long time. Thanks in advance.

If you want to create your own Tor network, you'll need to run your
own directory server and tell all of the clients and routers to use
and trust it.  The directory servers collect information about all
publicly-available Tor nodes so that clients can get a list and then
choose which nodes the clients want to build circuits through.

In the actual public Tor deployment, there are several directory services
which reach a "consensus" about the list of nodes.  One reason for this
is to make it hard for someone to attack Tor by pressuring directory
server operators to tamper with the list (or by breaking into the
directory computers to change the list).  An attacker who could do
that could remove honest nodes from the list and fill it instead with
nodes that the attacker controlled, and then clients would think those
attacker-controlled nodes were the only ones available.

If you have a copy of the normal Tor client, you can see the information
about the directory servers in "cached-certs" and "cached-consensus"
(with the actual listing of available Tor nodes in "cached-descriptors").
You'll see that the certs provide cryptographic keys which are used to
check the integrity of the directory information (verifying that the
several different directory servers have actually signed off on its
correctness).

I couldn't find the complete documentation about the directory servers
(or their source code!).  So this might be a good opportunity to make
it clearer somewhere on the Tor site how to deal with this in modern Tor
(maybe at least on the "research" page?).

The specification for the directory servers is at

https://gitweb.torproject.org/torspec.git/blob/HEAD:/dir-spec.txt

-- 
Seth Schoen  <schoen@xxxxxxx>
Senior Staff Technologist                       https://www.eff.org/
Electronic Frontier Foundation                  https://www.eff.org/join
815 Eddy Street, San Francisco, CA  94109       +1 415 436 9333 x107
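
Added example (not part of the message above and not Tor's own code): a structural check over the signature footer of a "cached-consensus"-style document, counting signature entries only from authorities the client is already configured to trust and requiring more than half of them. The fingerprints, the helper names and the signature bodies are constructed placeholders, and the signature bytes are not verified against the keys in "cached-certs" as a real client does.

```python
import re

HEX40 = r"[0-9A-Fa-f]{40}"
# Footer entry per dir-spec.txt: "directory-signature [algorithm] identity
# signing-key-digest", followed by a PEM-style signature block.
SIG_RE = re.compile(
    rf"^directory-signature(?: \w+)? ({HEX40}) {HEX40}\n"
    r"-----BEGIN SIGNATURE-----\n.+?\n-----END SIGNATURE-----$",
    re.M | re.S,
)

def signing_authorities(consensus: str) -> set:
    """Identity fingerprints that attached a signature block."""
    return {m.group(1).upper() for m in SIG_RE.finditer(consensus)}

def majority_of_trusted(consensus: str, trusted: set) -> tuple:
    """Count only signers the client already trusts; identities named inside
    the document confer no trust. Signature bytes are NOT verified here."""
    trusted = {t.upper() for t in trusted}
    signers = signing_authorities(consensus) & trusted
    return 2 * len(signers) > len(trusted), sorted(signers)

def make_consensus(signer_ids) -> str:
    """Build a constructed (fake) consensus skeleton for the demo."""
    head = "network-status-version 3\nvote-status consensus\n"
    foot = "directory-footer\n"
    for ident in signer_ids:
        foot += (f"directory-signature {ident} {'0' * 40}\n"
                 "-----BEGIN SIGNATURE-----\nQ09OU1RSVUNURUQ=\n"
                 "-----END SIGNATURE-----\n")
    return head + foot

# Constructed fingerprints: three authorities the client is configured to
# trust, plus one identity it has never heard of.
A, B, C, UNKNOWN = ("A" * 40, "B" * 40, "C" * 40, "D" * 40)
TRUSTED = {A, B, C}

if __name__ == "__main__":
    # Two of three trusted authorities signed: majority reached.
    print(majority_of_trusted(make_consensus([A, B, UNKNOWN]), TRUSTED))
    # Extra signatures from an unknown identity do not count toward it.
    print(majority_of_trusted(make_consensus([A, UNKNOWN, UNKNOWN]), TRUSTED))
```

On a private network the trusted set would hold the fingerprints of the directory servers you run yourself, which is why every client and router has to be told about them.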