[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Sybil Attack Countermeasures

To: or-dev@xxxxxxxx
Subject: Sybil Attack Countermeasures
From: "Kevin Bauer" <ksbauer@xxxxxxxxx>
Date: Fri, 9 Mar 2007 16:28:34 -0700
Delivered-to: archiver@seul.org
Delivered-to: or-dev-outgoing@seul.org
Delivered-to: or-dev@seul.org
Delivery-date: Fri, 09 Mar 2007 18:28:49 -0500
Dkim-signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:reply-to:to:subject:mime-version:content-type; b=lj5pM7UAAXIzdrjOViKgjsIbOk7cNC8obVhUP5ODi87Mr8kUUcGvk9wxVRlwOtp5CBfBYLIeV6nCkYBYUioPbO0dGr18B6ZPOXB8xCOSZ4SqZmticQjsPH6ATDqoPsSNgdqr/7aIXDACeSROfLtWijS57bQsFsh5oc82PuR+n1s=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:reply-to:to:subject:mime-version:content-type; b=PC7EbAvzWcE36WfSO951wDWvSADb1GmiA7ounky1QqD+KzMgJ19tplpcnobEdGkadg6VJceX8WI7M0r1iBPlbByV+2fn3xKv5p4epk3CifiMgEnbaG1xBKEryOR20A/5TeJSvFL0vBLYZGx8kAkhjXTbG9pXYDh4pYXstEvjdOA=
Reply-to: or-dev@xxxxxxxxxxxxx
Sender: owner-or-dev@xxxxxxxxxxxxx

The following is a proposal for a Sybil attack defense.

Filename: sybil_checking.txt
Title: Sybil Attack Checking
Version:
Last-Modified:
Author: Kevin Bauer & Damon McCoy
Created: 9-March-2007
Status: Open

Overview:
	This document describes a solution to a Sybil attack
    vulnerability in the directory servers. Currently, it 
    is possible for a single IP address to host an arbitrarily 
    high number of Tor routers. We propose that the directory
    servers limit the number of Tor routers that may be registered
    at a particular IP address to some small (fixed) number, perhaps
    just one Tor router per IP address.

Motivation:
	Since it is possible for an attacker to register an arbitrarily large
    number of Tor routers, it is possible for malicious parties to 
    do this to as part of a traffic analysis attack.

Security implications:
	This countermeasure will increase the number of IP addresses that an
    attacker must control in order to carry out traffic analysis.

Specification:
	We propose that the directory servers check if an incoming Tor router
    IP address is already registered under another router. If this is 
    the case, then prevent this router from joining the network.

Compatibility:
	Upon inspection of a directory server, we found that the following
    IP addresses have more than one Tor router:

	Scruples    68.5.113.81     ip68-5-113-81.oc.oc.cox.net     443
	WiseUp      68.5.113.81     ip68-5-113-81.oc.oc.cox.net     9001
	Unnamed     62.1.196.71     pc01-megabyte-net-arkadiou.megabyte.gr  9001
	Unnamed     62.1.196.71     pc01-megabyte-net-arkadiou.megabyte.gr  9001
	Unnamed     62.1.196.71     pc01-megabyte-net-arkadiou.megabyte.gr  9001
	aurel       85.180.62.138   e180062138.adsl.alicedsl.de     9001
	sokrates    85.180.62.138   e180062138.adsl.alicedsl.de     9001
	moria1      18.244.0.188    moria.mit.edu   9001
	peacetime   18.244.0.188    moria.mit.edu   9100

	There may exist compatibility issues with this proposed fix. It is unclear
    why more than one router would need to be on the same IP address.

Follow-Ups:
- Re: Sybil Attack Countermeasures
  - From: Roger Dingledine

Prev by Author: Re: Uptime Sanity Checking
Next by Author: Reducing indentation of torflow
Previous by thread: Re: Uptime Sanity Checking
Next by thread: Re: Sybil Attack Countermeasures
Index(es):
- Author
- Thread