[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Snowflake vs China

> Could Chinese censors successfully block most of the snowflakes by
> running several machines that would automatically send requests to the
> snowflake broker and collect IP addresses of snowflakes?
> They cold randomize the requests to look more natural and they could
> spoof their IP addresses like they did when they used active probing to
> collect non-obfuscated Tor bridges so that broker operator cannot
> identify and block IP addresses of their probing servers.

Unless I'm missing something about the threat model, this is basically
the same attack that already applies to all the other Tor bridges (with
the exception of Meek bridges, which are a very different beast).  China
can try to enumerate Snowflake bridges via Sybil-attacking the bridge
distribution mechanisms in the same way that they can try to enumerate
any other non-Meek bridges.

The main benefit of Snowflake against this threat model compared to
other bridge types is that Snowflake bridges are more likely to be on
dynamic IP addresses and are more likely to have intermittent
availability.  Both of these factors mean that Snowflake bridges have
substantially more "churn", which means they resist enumeration attacks
substantially better than the other bridge types.  (You may recognize
this advantage as one that a previous bridge type, Flash Proxy, also
had.  Snowflake is similar to Flash Proxy in this sense, but doesn't
suffer from the UX issues that caused Flash Proxy to be deprecated.)

(Full disclosure: I'm not super familiar with the details of Snowflake,
so maybe I've made errors in the above.  Anyone who's more knowledgeable
about Snowflake is encouraged to correct any errors in what I stated, if
there are any,)

-Jeremy Rand
Lead Application Engineer at Namecoin
Mobile email: jeremyrandmobile@xxxxxxxxxx
Mobile OpenPGP: 2158 0643 C13B B40F B0FD 5854 B007 A32D AB44 3D9C
Send non-security-critical things to my Mobile with OpenPGP.
Please don't send me unencrypted messages.
My business email jeremy@xxxxxxxxxxx is having technical issues at the

Attachment: signature.asc
Description: OpenPGP digital signature

tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to