[tor-bugs] #31223 [Core Tor/Tor]: Research approaches for improving the availability of services under DoS

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Dec 3 17:30:59 UTC 2019 

#31223: Research approaches for improving the availability of services under DoS
----------------------------+------------------------------------
 Reporter:  asn             |          Owner:  (none)
     Type:  defect          |         Status:  new
 Priority:  Medium          |      Milestone:  Tor: 0.4.3.x-final
Component:  Core Tor/Tor    |        Version:
 Severity:  Normal          |     Resolution:
 Keywords:  tor-hs tor-dos  |  Actual Points:
Parent ID:                  |         Points:  15
 Reviewer:                  |        Sponsor:  Sponsor27-can
----------------------------+------------------------------------

Comment (by asn):

 Just to expand on the `Introducing application-layer anonymous tokens that
 allow legit clients to get priority over DoS attacker` from the top post.
 This would be introducing some sort of anonymous credentials system for
 onion services, where onions can give some tokens to their good clients in
 an out-of-band fashion and these tokens are used during the introduction
 protocol to prioritize them over the swarm of unknown clients.

 With regards to primitives that can be used for such anonymous tokens
 there is a whole literature on anonymous credentials that we should look
 into. Here are some more links that have been sent to me and I have noted
 them for future reading: https://eprint.iacr.org/2019/877.pdf
 https://github.com/sipa/bips/blob/bip-schnorr/bip-
 schnorr.mediawiki#Blind_Signatures
 https://github.com/w3f/schnorrkel/blob/master/src/vrf.rs
 https://github.com/w3f/schnorrkel/blob/master/src/vrf.rs

 Further questions is how these tokens will be passed to legit clients in
 the first place, if the onion service is unreachable. And what's the
 difference between this approach and the onion service just making more
 onion addresses for good clients instead of tokens.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31223#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list