
Re: [tor-dev] Proposal 292: Mesh-based vanguards



On Mon, May 28, 2018 at 01:10:21PM +0300, George Kadianakis wrote:
> 2.2. Path restriction changes
> 
>   In order to avoid information leaks and ensure paths can be built, path
>   restrictions must be loosened.
> 
>   In particular, we allow the following:
>      1. Nodes from the same /16 and same family for any/all hops
>      2. Guard nodes can be chosen for RP/IP/HSDIR
>      3. Guard nodes can be chosen for hop before RP/IP/HSDIR.
> 
>   The first change prevents the situation where paths cannot be built if two
>   layers all share the same subnet and/or node family. It also prevents
>   the use of a different entry guard based on the family or subnet of the
>   IP, HSDIR, or RP.
> 
>   The second change prevents an adversary from forcing the use of a different
>   entry guard by enumerating all guard-flagged nodes as the RP.
> 
>   The third change prevents an adversary from learning the guard node by way
>   of noticing which nodes were not chosen for the hop before it.

To be clear, you are proposing removing these path restrictions for
which circuits?  All?  All HS-related?  All HS-related, but only if the
new options are turned on?
-- 
Ian Goldberg
Professor and University Research Chair
Cheriton School of Computer Science
University of Waterloo
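
A toy model of the leak that the quoted section 2.2 gives as the reason for its first and third changes, added here as an example and not part of the original message or of the proposal. The relay names, subnets, families and uniform relay selection are constructed assumptions; real path selection is bandwidth-weighted and uses rotating vanguard layers.

```python
import random
from collections import namedtuple

# Constructed toy relay list: names, /16 labels and families are made up.
Relay = namedtuple("Relay", "name subnet16 family")

def make_relays(n=40):
    # Four relays per /16; relays i and i+20 share a family.
    return [Relay(f"r{i}", f"10.{i // 4}", f"fam{i % 20}") for i in range(n)]

def eligible(relays, guard, restricted):
    """Relays allowed in the hop before the RP."""
    if not restricted:
        # Loosened rules: same /16, same family and the guard itself are allowed.
        return list(relays)
    # Classic restrictions: never reuse the guard, its /16 or its family.
    return [r for r in relays
            if r.name != guard.name
            and r.subnet16 != guard.subnet16
            and r.family != guard.family]

def never_seen(relays, guard, restricted, circuits, seed=1):
    """Relay names that never show up before the RP across many circuits."""
    rng = random.Random(seed)
    pool = eligible(relays, guard, restricted)
    seen = {rng.choice(pool).name for _ in range(circuits)}
    return {r.name for r in relays} - seen

def demo(circuits=5000):
    relays = make_relays()
    guard = relays[5]  # r5: subnet 10.1, family fam5 (shared with r25)
    strict = never_seen(relays, guard, True, circuits)
    loose = never_seen(relays, guard, False, circuits)
    return strict, loose

if __name__ == "__main__":
    strict, loose = demo()
    # With restrictions, the gap in the observations is the guard's neighbourhood.
    print("restricted, never seen:", sorted(strict))
    # With the loosened rules, no relay is systematically absent.
    print("loosened, never seen:  ", sorted(loose))
```

Under the restricted rules the set of relays that never appear is exactly the guard plus its /16 and family; under the loosened rules that set is empty, so the absence of a relay carries no information about the guard.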