- tor-dev - lists.torproject.org

ORB - Onion Reply Block
by Stefan Claas 03 Jun '25

03 Jun '25

Hi gentlemen, I would like to introduce you to pluto an smtp relay wich is using ORBs and would like to know your thoughts. https://githib.com/Ch1ffr3punk/pluto I post it here, because on the regular Tor forum it did not yet received any attention, in form of replies. Best regards Stefan

1 1

Proposal 364: CreateOnehop handshake to replace CREATE_FAST
by Nick Mathewson 07 May '25

07 May '25

https://spec.torproject.org/proposals/364-create-onehop.html This proposal describes a successor to CREATE_FAST that permits circuit handshake extensions. Please feel free to open tickets on gitlab, or to discuss here. Discussion on the forum is also okay! -- Nick

1 0

Proposal 363: Required/recommended protocols for onion services
by Nick Mathewson 07 May '25

07 May '25

https://spec.torproject.org/proposals/363-required-protovers-and-hs.html This proposal describes an enhancement to how we use subprotocol versioning in the consensus to advertise recommended and required subprotocols for running and connecting to onion services. Please feel free to open tickets on gitlab, or to discuss here. Discussion on the forum is also okay! peace, -- Nick

1 0

Proposal 362: Update onion service proof-of-work control loop
by Wesley Aptekar-Cassels 06 May '25

06 May '25

https://spec.torproject.org/proposals/362-update-pow-control-loop.html This proposal suggests a new algorithm for onion services to use to select the suggested effort value for the proof-of-work algorithm. The existing algorithm has some weaknesses, mostly stemming from the fact that the same request sent at different points in time might have different effects on the new suggested effort. The proposed algorithm is based in a more fundamental analysis of the goals of the control loop. Please feel free to open tickets on GitLab, discuss in the tracking ticket, torspec#329, or discuss here. :w

1 0

Proposal 361: Onion Association SANs in Certificates (OASIC)
by Micah Anderson 06 May '25

06 May '25

https://spec.torproject.org/proposals/361-oasic.html This proposal describes Onion Association standardization, authenticated by TLS certificates. It specifies how this association is encoded in the certificate's Subject Alternative Name (SAN) field, providing meaningful SAN-based Onion Association authentication. This proposal was written by Paul Syverson, I'm announcing it on his behalf. Feel free to open tickets on gitlab, discuss here, or also on the Tor Forum. -- Micah Anderson (he/him) Director of Engineering The Tor Project, Inc. <https://torproject.org>

1 0

Proposal 361: Onion Association SANs in Certificates (OASIC)
by Micah Anderson 06 May '25

06 May '25

https://spec.torproject.org/proposals/361-oasic.html This proposal describes Onion Association standardization, authenticated by TLS certificates. It specifies how this association is encoded in the certificate's Subject Alternative Name (SAN) field, providing meaningful SAN-based Onion Association authentication. This proposal was written by Paul Syverson, I'm announcing it on his behalf. -- Micah Anderson (he/him) Director of Engineering The Tor Project, Inc. <https://torproject.org>

1 0

[GSoC 2025] Graph-Based Relay Partitioning – Proposal and Repository
by Valentina Schiavon 21 Apr '25

21 Apr '25

Dear Tor team, I recently submitted a proposal to Google Summer of Code 2025 titled "Graph-Based Analysis of Relay Partitioning in the Tor Network", focused on detecting partitioning patterns through graph data science techniques. Although the project is still in its proposal phase, I have already created a GitHub repository( https://github.com/valentinaschiavon99/tor-relay-partitioning-gsoc2025) where I’m documenting the structure, early diagrams, and test notebooks. I'm reaching out in case any of you have suggestions or would like to point me toward related work, potential pitfalls, or early contributions I could start working on (e.g., documentation or testing). Thank you very much for your time and for the opportunity to contribute to such an impactful project. Best regards, Valentina Schiavon Business Informatics student @ AAU Klagenfurt ,Austria https://www.linkedin.com/in/valentinaschiavon1/ https://github.com/valentinaschiavon99 valentinaschiavon99(a)gmail.com

1 0

Proposal 360: Limiting HSDesc size and amplification
by Nick Mathewson 09 Apr '25

09 Apr '25

https://spec.torproject.org/proposals/360-hsdesc-len-limit.html This proposal describes a mechanism for preventing some kinds of traffic-flooding attacks by HSDirs. It's based on some of Mike Perry's work on Proposal 349. Please feel free to open tickets on gitlab, or to discuss here. Discussion on the forum is also okay! best wishes, -- Nick

1 0

Proposal 359: Counter Galois Onion, Updated
by Nick Mathewson 09 Apr '25

09 Apr '25

https://spec.torproject.org/proposals/359-cgo-redux.html This proposal instantiates a new approach for encrypting relay cells on circuits, to prevent certain kinds of tagging attacks, to improve forward secrecy, and more. It is based on research by Jean Paul Degabriele, Alessandro Melloni, Jean-Pierre Münch, and Martijn Stam. You can read their paper at https://eprint.iacr.org/2025/583 This is important and subtle; I'd appreciate any feedback, especially from cryptographers. I plan to start implementing this quite soon, on the theory that, even if there _are_ flaws, it is very unlikely to be _worse_ than our current malleable relay encryption. Please feel free to open tickets on gitlab, or to discuss here. Discussion on the forum is also okay! cheers, -- Nick

1 0

can tor use secondary groups to read FamilyKeyDirectory?
by nusenu 09 Apr '25

09 Apr '25

Hi, given the following example, tor fails to access the familykeydir folder. familykeydir has the following permissions: drwxr-x--- 2 root tor_reader id _tor uid=996(_tor) gid=993(_tor) groups=993(_tor),994(tor_reader) Is tor able to use secondary groups? When using sudo to switch to user _tor manually, it is possible to read files in that folder without problems. The problem does not happen when _tor's primary group is set to 'tor_reader'. Tested on debian. kind regards, nusenu -- https://nusenu.github.io

3 3