[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Proposal for PoW DoS defenses during introduction (was Re: Proposal 305: ESTABLISH_INTRO Cell DoS Defense Extension)

Watson Ladd:
> On Tue, Jun 18, 2019 at 6:29 PM Chelsea Holland Komlo
> <me@xxxxxxxxxxxxxxxx> wrote:
>>
>> There are a couple approaches to consider.
>>
>> POW via hashing goes for a relatively simple to implement approach.
>> However, this incurs a high cost for all clients, and also environmental
>> damage, per previous email.
>>
>> Another approach similar to the above (but more environmentally
>> friendly) can be Proof of Storage (or proof of space), as in
>> https://eprint.iacr.org/2013/796.pdf
>>
>> With both of the above approaches, there will be a tradeoff to what the
>> cost is to deter a would-be attacker, versus the cost to real but
>> bandwidth/cpu limited clients, such as on mobile platforms.
>>
>> More involved approaches include anonymous blacklists/whitelists,
>> blinded tokens, etc. Previous work has been done in this space, here is
>> one example:
>> https://crysp.uwaterloo.ca/courses/pet/F11/cache/www-users.cs.umn.edu/~hopper/faust-wpes.pdf
> 
> Privacy Pass has already been integrated into Tor Browser. Perhaps
> work could be done to use it here?

Where do you see that is has been integrated? As far as I know that's
not the case even though there are still plans to evaluate the latest
iteration closer to get a better understanding about whether it would be
good to integrate it.

[snip]

Georg

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev