Re: [tor-dev] Hidden Service Scaling
On 07/05/14 17:32, Christopher Baines wrote:
>> What about the attack suggested by waldo, where a malicious IP
>> repeatedly breaks the circuit until it's rebuilt through a
>> malicious middle node? Are entry guards enough to protect the
>> service's anonymity in that case?
>
> I think it is a valid concern. Assuming the attacker has
> identified their node as an IP, and has the corresponding public
> key. They can then get the service to create new circuits to their
> node, by just causing the existing ones to fail.
>
> Using guard nodes for those circuits would seem to be helpful, as
> this would greatly reduce the chance that the attacker's nodes are
> used in the first hop.
>
> If guard nodes were used (assuming that they are currently not),
> you would have to be careful to act correctly when the guard node
> fails, in terms of using a different guard, or selecting a new
> guard to use instead (in an attempt to still connect to the
> introduction point).
Perhaps it would make sense to pick one or more IPs per guard, and
change those IPs when the guard is changed? Then waldo's attack by a
malicious IP would only ever discover one guard.
Cheers,
Michael