> On 3 Jun 2015, at 02:07 , teor <teor2345@xxxxxxxxx> wrote: > > >> Date: Mon, 18 May 2015 15:48:50 -0800 >> From: OnioNS Dev <kernelcorn@xxxxxxxxxx> >> >> ... >> >> I introduce several data structures, but the most important one is the Pagechain, a distributed structure of linked Pages. Pages contain Records, Records contain .tor -> onion associations. Anyone who is familiar with blockchains will recognize the behavior and application of this structure immediately. However, here the head of the Pagechain is not managed by miners, but rather by a short-lived subset of Tor nodes called a Quorum. They receive Records and merge them into the Pagechain. At the moment I've decided to use 127 Quorum members and rotate them every week. They are randomly selected, but the process is deterministic; I am using the cached-certs + cached-microdesc-consensus documents, which everyone has, to seed a PRNG that then derives the Quorum. > > What's to stop a sybil attack where the malicious relays try to occupy likely site(s) for the next Quorum? > > Is the consensus unpredictable enough to thwart this attack? > Even during quiet times? (Does Tor have quiet times?) > > Can we ensure the Quorum servers have to be long-lived and high-capacity (for example, guards) to make it harder to spin up servers and immediately be added to the Quorum? > I'm not convinced the Stable flag is hard enough to get. > > Of course, there's a trade-off where making the set of Quorum Candidates too small makes the Quorum easier to predict, too. Some day, I will learn to read the whole paper before opening my mouth. I apologise - I withdraw my questions in the face of thousands of bits of entropy per hour, and a comprehensive security analysis. > By the way, in your ACM paper 5.4.2 you switch from Charlie to Alice, but I think they're meant to be the same Quorum Candidate. In an earlier section, "Alice" is a Tor client. This makes this section make sense. teor teor2345 at gmail dot com pgp 0xABFED1AC https://gist.github.com/teor2345/d033b8ce0a99adbc89c5 teor at blah dot im OTR D5BE4EC2 255D7585 F3874930 DB130265 7C9EBBC7
Attachment:
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ tor-dev mailing list tor-dev@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev