Re: [tor-bugs] #2435 [Metrics]: Preserving hashed IP addresses in sanitized bridge descriptors
#2435: Preserving hashed IP addresses in sanitized bridge descriptors
-------------------------+--------------------------------------------------
Reporter: karsten | Owner: karsten
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: Metrics | Version:
Keywords: | Points:
Parent: |
-------------------------+--------------------------------------------------
Comment(by karsten):
Christian and I discussed this approach some more. Christian is concerned
that someone might brute force the secret. The attacker could set up a
few bridges, remember their IP addresses and bridge identities, look up
the sanitized descriptors in our archives, and try out which secret leads
to the same 10.x.x.x address in our descriptors. This attack could be
performed offline. He suggests using a much longer secret and changing it
regularly.

I somewhat dislike the idea of changing the secret regularly, because it
means we cannot compare the sanitized IP addresses of multiple intervals
easily. But we're probably safer by changing it, e.g., monthly. Using a
longer secret, say, 40 or 60 bytes (or even longer?), is a fine idea, too.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2435#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
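
Added example, not part of the comment above and not the Tor metrics code: a sketch of the mitigation discussed, mapping a bridge's IP address and identity to a 10.x.x.x address under a 40-byte random secret that changes every month. The class name, the HMAC-SHA256 construction, the month labels and the sample addresses are assumptions made for this example; the page does not state the hash construction.

```python
import hashlib
import hmac
import ipaddress
import secrets

SECRET_LEN = 40  # bytes; the comment proposes 40 or 60 (40 assumed here)


class MonthlySanitizer:
    """Hypothetical sanitizer holding one random secret per calendar month."""

    def __init__(self):
        self._secrets = {}  # "YYYY-MM" -> secret bytes, never published

    def _secret_for(self, month):
        # Generate the month's secret on first use. A real deployment would
        # persist it privately for the month and then stop using it.
        if month not in self._secrets:
            self._secrets[month] = secrets.token_bytes(SECRET_LEN)
        return self._secrets[month]

    def sanitize(self, ip, fingerprint_hex, month):
        """Return the 10.x.x.x replacement for (ip, bridge identity) in month."""
        ip_bytes = ipaddress.IPv4Address(ip).packed   # 4 bytes, fixed length
        ident = bytes.fromhex(fingerprint_hex)        # 20-byte identity
        if len(ident) != 20:
            raise ValueError("bridge identity must be 20 bytes")
        # Assumption: keyed hash over address and identity (HMAC-SHA256).
        digest = hmac.new(self._secret_for(month), ip_bytes + ident,
                          hashlib.sha256).digest()
        # Only 24 bits of the digest survive as the three variable octets.
        return "10.%d.%d.%d" % (digest[0], digest[1], digest[2])


if __name__ == "__main__":
    s = MonthlySanitizer()
    fp = "A1" * 20                                    # constructed identity
    for month in ("2011-01", "2011-01", "2011-02"):   # constructed months
        print(month, s.sanitize("198.51.100.7", fp, month))
```

Within one month the same bridge always maps to the same sanitized address, so descriptors can still be correlated; across months the mapping changes, which is the loss of comparability between intervals that the comment accepts in exchange for limiting what a recovered secret would expose.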