[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Defending against guard discovery attacks by pinning middle nodes



> It's interesting to reduce the HS path length, but that would reduce
> the length of the chain that the adversary has to walk, which is bad :/

Yeah, security in this attack model pushes towards a long path.

> The rendezvous model is a bit restricting isn't it :(

Agreed, modifying path selection just raises the attack time and effort some (although that “some” is a real improvement IMHO). Clearly users with a powerful global adversary should be able to survive eventual compromise of a server. It might be fun to build a system that would provide fault tolerance and protect the private HS information against individual server compromise. “Survivable HSes”? This seems doable :-)

Cheers,
Aaron
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev