[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Proposal for PoW DoS defenses during introduction (was Re: Proposal 305: ESTABLISH_INTRO Cell DoS Defense Extension)



George Kadianakis:
>>      2.Client computes POW.
>>      Do{
>> Generates random 8 bytes key (ClientKey).
>> Generates hash(sha512/256 or sha3??) of
>> hash(IPKey + ClientKey)
>> } while (hash does not start with "abcde")
>>
> 
> That looks like a naive PoW scheme. It would perhaps be preferable to
> try to find a GPU/ASIC-resistant or memory-hard PoW scheme here, to
> minimize the advantage of adversaries with GPUs etc.?  Are there any
> good such schemes?

It may be worth looking at Argon2 [1] which is designed to maximize the
cost of password cracking on ASICs based on memory-hard functions.
A different approach is the input-dependent use of several different
hash functions (cf. e.g. [2]).

[1] https://www.cryptolux.org/images/0/0d/Argon2.pdf
[2] https://www.pascalcoin.org/storage/whitepapers/RandomHash_Whitepaper.pdf

> Also services should definitely be able to configure the difficulty of
> the PoW, and IMO this should again happen through the descriptor.

yes

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev