[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #29260 [Obfuscation/Snowflake]: Should Snowflake proxies have a way to identify themselves to the broker

To: undisclosed-recipients: ;
Subject: Re: [tor-bugs] #29260 [Obfuscation/Snowflake]: Should Snowflake proxies have a way to identify themselves to the broker
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Wed, 27 Mar 2019 14:48:50 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 27 Mar 2019 10:49:01 -0400
In-reply-to: <043.b1b1208ca35727b6b7a40b3bde0ed128@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <043.b1b1208ca35727b6b7a40b3bde0ed128@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#29260: Should Snowflake proxies have a way to identify themselves to the broker
--------------------------------------------+------------------------------
 Reporter:  ahf                             |          Owner:  cohosh
     Type:  task                            |         Status:  assigned
 Priority:  Medium                          |      Milestone:  Tor:
                                            |  unspecified
Component:  Obfuscation/Snowflake           |        Version:  Tor:
                                            |  unspecified
 Severity:  Normal                          |     Resolution:
 Keywords:  network-team-roadmap-2019-Q1Q2  |  Actual Points:
Parent ID:  #29207                          |         Points:  1
 Reviewer:                                  |        Sponsor:  Sponsor19
--------------------------------------------+------------------------------
Changes (by cohosh):

 * parent:   => #29207


Comment:

 Part of this ticket involves the websocket protocol between the proxy and
 the broker (#29260).

 === How to persistently identifying proxies

 Another part of it is figuring out a way to persistently identify the
 proxy. We could do something similar to the relay fingerprint, which is a
 hash of the relay's identity key. The identity key (from the tor-spec) is:
 {{{
     - A long-term signing-only "Identity key" used to sign documents and
       certificates, and used to establish relay identity.
 }}}
 While proxies don't necessarily need an identity key at this point, we
 could have them randomly generate some kind of identity marker and then
 compute the hash of that to send to the broker.

 We could also do something a bit fancier here to preserve the privacy of
 proxies (in addition to making identification optional) by having them
 perform some proof that they are a part of a set of returning proxies
 rather than authenticating them individually. I think for now it's best to
 try something simple and make sure that the protocol is extensible and the
 implementation logic can be easily modified if we decide to change it.

 === Implementation details

 I think it makes sense to focus on the standalone proxy-go instances for
 now, since we are in the process of overhauling the browser-based proxies
 and potentially shifting to a Cupcake-like webextension (#23888).

 We need a place to store the identity fingerprint so that it will be
 persistent across restarts of proxy-go. The way tor accomplishes this is
 by storing the fingerprint in the data directory, which defaults to
 /var/lib/tor on linux.

 The only persistent files that proxy-go currently stores are log files,
 but I don't think it makes sense to store the fingerprint with the logs.
 For now it might be easiest to have an additional optional argument that
 takes a path to an identity file. If that identity file does not exist,
 proxy-go will generate a new identity fingerprint and save it in the file.
 Otherwise, it will read in the identity fingerprint and use it to identify
 itself to the broker.

 === How this ties into the Snowflake roadmap

 Eventually these persistent identities can be used to distribute proxies
 to clients that results in more stable, reliable connections. We could
 prevent low-bandwidth or unreliable proxies from throttling or dropping
 client traffic (#25681), or for more persistent proxies try to delay their
 blocking by handing them out in partitions similar to BridgeDB.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29260#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #25658 [Applications/Tor Browser]: Activity 2.1: Improve user understanding and user control by clarifying Tor Browser's security features
Next by Author: Re: [tor-bugs] #29853 [Core Tor/sbws]: sbws should show relays for diagnostics, even when MIN_REPORT has not been reached
Previous by thread: Re: [tor-bugs] #29260 [Obfuscation/Snowflake]: Should Snowflake proxies have a way to identify themselves to the broker
Next by thread: [tor-bugs] #29906 [- Select a component]: Tor for Android stops working immediately on app start
Index(es):
- Author
- Thread