On Sat, Nov 19, 2005 at 12:45:48PM -0600, Arrakis Tor wrote: [reformatted to fix top-post.] > On 11/19/05, Nick Mathewson <nickm@xxxxxxxxxxxxx> wrote: [...] > > (Yes, we know about existing p2p models, but the problem isn't > > trivial. It's easy to do bad things to anonymity by partitioning > > client knowledge, or worse, isolating clients in adversary-targetable > > zones.) > > How do routers do it with DNS tables, that we can't with Tor servers? DNS maps names to values, and doesn't worry about vulenrabilities resulting from adversary knowing which clients have learned which values. That's not our problem. Our problem is finding a way for clients to learn about servers and build paths through those servers so that if you (an adversary) see a client, and you control a directory cache, and you control some servers, and you see part of the client's path, you can't deduce with a better-than-chance probability whether the path was generated by the client. Section 5.2 http://tor.eff.org/cvs/tor/doc/design-paper/challenges.pdf discusses this in more detail. I cannot possibly recommend this paper highly enough to people who want to help with design yrs, -- Nick Mathewson
Attachment:
pgpdijcBDjI3f.pgp
Description: PGP signature