one pony is not enough.
Roger Dingledine

Roger Dingledine commited on 2005-09-25 00:03:25
Zeige 1 geänderte Dateien mit 20 Einfügungen und 4 Löschungen.

... ...
@@ -252,6 +252,16 @@ much traffic of what sort of distribution is needed before the adversary
252 252
 is confident he has won? Are there scenarios (e.g. not transmitting much)
253 253
 that slow down the attack? Do some traffic padding or traffic shaping
254 254
 schemes work better than others?</li>
255
+<li>The "run two servers and wait attack": Tor clients pick a new path
256
+periodically. If the adversary runs an entry and an exit, eventually some
257
+Alice will build a circuit that begins and ends with his nodes. The
258
+current Tor threat model assumes the end-to-end traffic confirmation attack
259
+is trivial, and instead aims to limit the chance that the adversary will
260
+be able to see both sides of a circuit. One way to help this is 
261
+<a href="http://freehaven.net/anonbib/#wright03">helper
262
+nodes</a> -- Alice picks a small set of entry nodes and uses them always.
263
+But in reality, Tor nodes disappear sometimes. So it would seem that the
264
+attack continues, albeit slower than before. How much slower?</li>
255 265
 <li>The "routing zones attack": most of the literature thinks of
256 266
 the network path between Alice and her entry node (and between the
257 267
 exit node and Bob) as a single link on some graph. In practice,
... ...
@@ -262,7 +272,6 @@ Unfortunately, to accurately predict whether a given Alice, entry,
262 272
 exit, Bob quad will be dangerous, we need to download an entire Internet
263 273
 routing zone and perform expensive operations on it. Are there practical
264 274
 approximations, such as avoiding IP addresses in the same /8 network?</li>
265
-<!--<li>Find ideal churn rate for helper nodes; how safe is it?</li> -->
266 275
 <li>Tor doesn't work very well when servers have asymmetric bandwidth
267 276
 (e.g. cable or DSL). Because Tor has separate TCP connections between
268 277
 each hop, if the incoming bytes are arriving just fine and the outgoing
... ...
@@ -292,9 +301,16 @@ nodes.) But how do we distribute a list of these volunteer clients to the
292 301
 good dissidents in an automated way that doesn't let the country-level
293 302
 firewalls intercept and enumerate them? Probably needs to work on a
294 303
 human-trust level.</li>
295
-<!-- <li>Is exiting from the middle of the circuit always a bad idea?</li>
296
-<li>It's not that hard to DoS Tor servers or dirservers. Are puzzles the
297
-right answer? What other practical approaches are there?</li> -->
304
+<li>Tor circuits are built one hop at a time, so in theory we have the
305
+ability to make some streams exit from the second hop, some from the
306
+third, and so on. This seems nice because it breaks up the set of exiting
307
+streams that a given server can see. But if we want each stream to be safe,
308
+the "shortest" path should be at least 3 hops long by our current logic, so
309
+the rest will be even longer. We need to examine this performance / security
310
+tradeoff.</li>
311
+<li>It's not that hard to DoS Tor servers or dirservers. Are client
312
+puzzles the right answer? What other practical approaches are there? Bonus
313
+if they're backward-compatible with the current Tor protocol.</li>
298 314
 </ol>
299 315
 
300 316
 Drop by the #tor IRC channel at irc.oftc.net or email tor-volunteer@freehaven.net if you want to help out!
301 317