[tor-dev] [idle speculation] Combining bridge partioning and limiting directory trust?
watsonbladd at gmail.com
Fri Nov 4 01:14:24 UTC 2011
I read arma's blog entry calling for someone to see if limiting
zig-zag attacks would harm anonymity. Well, I don't have an answer,
but I did notice that we could increase the number of bridge
authorities by having each bridge authority take a distinct subset of
bridges to hand out, and then implementing a honest forwarder that
forwards an email asking for bridges to a bridge authority based on
some hash function of the requesting gmail address. Compromising an
authority results in those bridges being cut off, but only a subset of
users are affected. This also prevents zig-zag attacks: there are no
clients who see bridges in two distinct authorities mandate.
Unfortunately this only works if bridges are careful not to be listed
by multiple authorities.
"Those who would give up Essential Liberty to purchase a little
Temporary Safety deserve neither Liberty nor Safety."
-- Benjamin Franklin
More information about the tor-dev