
Re: Hey guys, here is another (great?) idea



On Sat, Nov 19, 2005 at 12:45:48PM -0600, Arrakis Tor wrote:
 [reformatted to fix top-post.]
> On 11/19/05, Nick Mathewson <nickm@xxxxxxxxxxxxx> wrote:
 [...]
> > (Yes, we know about existing p2p models, but the problem isn't
> > trivial.  It's easy to do bad things to anonymity by partitioning
> > client knowledge, or worse, isolating clients in adversary-targetable
> > zones.)
>
> How do routers do it with DNS tables, that we can't with Tor servers?

DNS maps names to values, and doesn't worry about vulnerabilities
resulting from adversary knowing which clients have learned which
values.  That's not our problem.  Our problem is finding a way for
clients to learn about servers and build paths through those servers
so that if you (an adversary) see a client, and you control a
directory cache, and you control some servers, and you see part of the
client's path, you can't deduce with a better-than-chance probability
whether the path was generated by the client.

Section 5.2 http://tor.eff.org/cvs/tor/doc/design-paper/challenges.pdf
discusses this in more detail.  I cannot possibly recommend this paper
highly enough to people who want to help with design.

yrs,
-- 
Nick Mathewson

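An added illustration of the partitioning problem discussed in this message (not part of the original post and not Tor code): it measures how many clients remain consistent with two observed hops of a path when every client knows the full server list versus when each client has learned only a subset. The client count, server count, subset size, path length and relay names are constructed assumptions.

```python
import random

def build_views(n_clients, servers, subset_size, rng):
    """Return {client_id: set of servers that client has learned about}.
    subset_size=None models every client learning the full server list."""
    views = {}
    for c in range(n_clients):
        if subset_size is None:
            views[c] = set(servers)
        else:
            views[c] = set(rng.sample(servers, subset_size))
    return views

def candidate_clients(views, observed_hops):
    """Clients whose knowledge could have produced a path with these hops."""
    return {c for c, known in views.items() if observed_hops <= known}

def mean_anonymity_set(views, hops_seen, trials, rng):
    """Average number of clients consistent with `hops_seen` observed relays."""
    clients = list(views)
    total = 0
    for _ in range(trials):
        true_client = rng.choice(clients)
        # The client builds a 3-hop path only from servers it knows about.
        path = rng.sample(sorted(views[true_client]), 3)
        observed = set(path[:hops_seen])
        total += len(candidate_clients(views, observed))
    return total / trials

def compare(seed=2005):
    rng = random.Random(seed)
    servers = [f"relay{i}" for i in range(100)]      # constructed names
    full = build_views(200, servers, None, rng)      # everyone knows all servers
    split = build_views(200, servers, 10, rng)       # partitioned knowledge
    return (mean_anonymity_set(full, 2, 500, rng),
            mean_anonymity_set(split, 2, 500, rng))

if __name__ == "__main__":
    full, split = compare()
    print(f"full directory:   {full:.1f} candidate clients")
    print(f"partitioned view: {split:.1f} candidate clients")
```

With a shared full directory the observed hops are consistent with every client; with partitioned knowledge the candidate set shrinks to a handful, which is the better-than-chance deduction a directory design has to prevent.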