[tor-access] Specification for bypassing CAPTCHAs using blinded tokens

Jeff Burdges burdges at gnunet.org
Thu Oct 6 14:06:54 UTC 2016


On Thu, 2016-10-06 at 12:49 +0000, Georg Koppen wrote:
> > If properly implemented, then blind signatures from one session can
> > safely be used with another session.**  
> 
> Well, I assumed that blind signatures get properly implemented when
> writing my mail. There is more, though. The idea behind New Identity 
> is clearing browser state as well as this state risks leaking into the
> new identity. "state" in this particular case would mean "having been
> on a cloudflare customer website before and having blinded tokens 
> ready for spending". 

Yes, it leaks roughly a bit of information about the bipartite graph
between users and site visits. And I mentioned a layered approach to
Alex that leaks more than one.

These bits cannot compound across multiple page loads or site visits, as
anyone who visits the site gets them, but certainly there are
concerns:
- These bits obviously compound with any information TBB or the user
leaks to the site.
- If multiple CDNs, etc. adopt this token based approach, then users can
easily be deanonymized by the CDNs they have or have not used.
- There is no way to safely use per site tokens as the differences
across sites can be used to tag users.
- We'd leak more if CloudFlare rotated their key.
- The layered scheme for token withdrawal that I mentioned to Alex
sounds more fragile now.

Very messy...

Thanks for pointing this out.  :) 

> Having done New Identity might even be detectable by the edge
> in this case, given that it could send a cookie after performing the
> CAPTCHA request and signing the blinded tokens which would get cleared
> by New Identity.

I donno if I understand this part, but there is an existing problem that
the edge sees cookies from many sites, allowing them to correlate
traffic to deanonymize users with purely the cookies.  I donno if these
new edge cookies make that so much worse than cookies sites use
anyways.

Ideas for fixing that sound pretty drastic: Do not send cookies, site
data, etc. to sites protected by CloudFlare without user consent.
Attempt to load them as static pages from CloudFlare's cache without
revealing cookies.  Attempt to use Ceno, etc. to get a static version of
any page that is not itself static.  Require that users click through
some dialog to access dynamic content on a page.  Ain't just CloudFlare
that weakens TLS in that way though.

Jeff
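Added example, not from this thread and not CloudFlare's implementation: a toy RSA blind-signature token flow showing why the issuing session and the redeeming session are unlinkable, and the extra information the edge learns at redemption once it has rotated keys (the "leak more if CloudFlare rotated their key" point above). The primes, key names and token value are constructed; textbook RSA without padding is assumed for illustration only.

```python
import hashlib
import secrets
from math import gcd

def make_key(p: int, q: int, e: int = 65537) -> dict:
    """Textbook RSA key from two constructed toy primes (not a real key size)."""
    return {"n": p * q, "e": e, "d": pow(e, -1, (p - 1) * (q - 1))}

# Two constructed edge keys standing in for two key epochs (assumption).
KEY_OLD = make_key(1000003, 1000033)
KEY_NEW = make_key(1000037, 1000039)

def hash_to_int(token: bytes, n: int) -> int:
    """Map the client's random token to a group element (toy FDH)."""
    return int.from_bytes(hashlib.sha256(token).digest(), "big") % n

def blind(token: bytes, key: dict):
    """Client side: hide the token under a random factor r before issuance."""
    n = key["n"]
    while True:
        r = secrets.randbelow(n - 2) + 2
        if gcd(r, n) == 1:
            break
    return (hash_to_int(token, n) * pow(r, key["e"], n)) % n, r

def sign_blinded(blinded: int, key: dict) -> int:
    """Edge side: after the CAPTCHA is solved, signs the blinded value
    without ever seeing the token itself."""
    return pow(blinded, key["d"], key["n"])

def unblind(blinded_sig: int, r: int, key: dict) -> int:
    """Client side: strip r to obtain a signature on the original token."""
    return (blinded_sig * pow(r, -1, key["n"])) % key["n"]

def verify(token: bytes, sig: int, key: dict) -> bool:
    return pow(sig, key["e"], key["n"]) == hash_to_int(token, key["n"])

def issue(token: bytes, key: dict) -> int:
    """One CAPTCHA session: blind, get signed, unblind; returns a spendable sig."""
    blinded, r = blind(token, key)
    return unblind(sign_blinded(blinded, key), r, key)

def epoch_of(token: bytes, sig: int, keys: dict):
    """Edge side at redemption: which key epoch the token was issued under.
    With a single key this is one bit ("has tokens"); after rotation the
    edge also learns roughly when the user last passed a CAPTCHA."""
    for name, key in keys.items():
        if verify(token, sig, key):
            return name
    return None
```

The redeemed pair (token, sig) shares no computable relation with the blinded value the edge signed, which is the "safe to use across sessions" property; epoch_of is the part of the state that still leaks.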
