On Thu, 20 Aug 2015 11:00:51 -0400 Ian Goldberg iang@cs.uwaterloo.ca wrote:
On Thu, Aug 20, 2015 at 02:41:51PM +0000, Yawning Angel wrote:
What would be useful here is the number of onion addresses an average user visits. If it's small, something like this would probably be sufficient:
Browser generates/stores a long term salt.
On onion access, calculate SHAKE(salt | onion address) map that
to a poker hand (5 card draw).
P(52,5) = 311,875,200 C(52,5) = 2,598,960
- Goto 1.
The per-browser salt is a good way to prevent similar-hash attacks, but of course will go astray if the user reinstalls her Tor Browser or has multiple devices.
Yeah, that's a downside. I suspect it can be fairly short but I don't have a solid basis for that suspicion, and it also provides the property of being able to semi-arbitrarily increase the brute forcing difficulty at a latter date.
I'd caution about the poker hand, though. One year when I taught first-year undergraduate CS, we included an assignment that had to do with decks of cards and card games. A surprising number of people had never seen decks of cards before, and were unfamiliar with the concept. I did not observe whether the (un)familiarity was correlated with what part of the world they came from.
It was a hypothetical example. If we're willing to go with the visual equivalent of key poems (which is what my suggestion roughly corresponds to) with a per-client secret to prevent brute forcing, then there's no reason why we couldn't let the user choose a visual representation they're most comfortable with.
(My initial example was going to use mahjong tiles. >.>)
Perhaps a notification "You've never visited this site before" that pushes down from the top like some other notifications might go a long way?
People would likely complain about storing "did access foo.onion in the past" type information to disk. I could argue for/against "well, use a per-client keyed bloom filter, false positive rate!!!!", but depending on the adversary model, people will probably (rightfully) be uneasy at the thought of persisting even that.
The moment people are willing to store "I accessed this onion in the past", I'm inclined to think "this is functionally equivalent to the user bookmarking said onion".
Regards,