[tor-dev] resistance to rubberhose and UDP questions

Robert Ransom rransom.8774 at gmail.com
Thu Oct 4 17:50:47 UTC 2012

On 10/4/12, Eugen Leitl <eugen at leitl.org> wrote:
> I've had an IRC session with the designer of cjdns (on cjdns)
> who made a few interesting points, and suggestions. Comments?
> Verbatim chat snip below.
> 18:03 <@cjd> if you took the components from cjdns, you could build a TOR
> like protocol which used UDP if possible and made connections much faster
> 18:04 <+eleitl> I wonder why they didn't choose UDP

Presumably because TCP was easier.

> 18:05 <@cjd> you need to fall back on tcp in case you're firewalled to hell
> 18:05 <+eleitl> Apparently, they're thinking about it
> https://blog.torproject.org/blog/moving-tor-datagram-transport

Yes.  TCP was a bad choice for Tor.

> 18:06 <@cjd> problem with tor is (correct me if I)
> 18:06 <@cjd> 'm wrong)
> 18:06 <@cjd> the directory is signed by the tor foundation
> 18:07 <@cjd> so they can sign a fake directory and run a bunch of directory
> servers and when Alice connects to their directory server, they give her a
> bunch of fake nodes

The v3 network consensus document must be signed by a majority of the
(currently nine) directory authorities' signing keys.  None of the
directory authorities are operated by Tor Project, Inc.

> 18:07 <@cjd> run their own botnet with fake tor nodes so your circuit is
> always owned

TPI does not have the expertise needed to run a botnet for this purpose.

> 18:07 <+eleitl> I don't really know for sure, but there's intrinsic trust to
> Tor developers, yes.
> 18:08 <+eleitl> You can run your own Tor network, though.
> 18:08 <+eleitl> Some botnets do that.

Interesting.  Do you have a reference describing one of these botnets?

> 18:08 <@cjd> I trust them to make the software right, esp. since I could
> check if they did.
> 18:09 <@cjd> But a little arm twisting can change someone's motives pretty
> fast.
> 18:09 <+eleitl> Maintaining signing secrets is a problem.
> 18:09 <+eleitl> They should have used a P2P design.

Do you have a ‘P2P design’ for Tor which doesn't rely on trusted
parties ‘maintaining signing secrets’ and which isn't broken?
(Hint: No, you don't.)

Do you have any ‘P2P design’ for Tor at all which isn't broken?

> 18:10 <@cjd> If someone (with government hat?) tells you they can make your
> life hell...   I wouldn't fault them for doing what the man says.
> 18:10 <@cjd> *wouldn't fault you
> 18:10 <+eleitl> I'll try bugging some Tor developers about that scenario,
> and see how they squirm.
> 18:11 <+eleitl> Also, the UDP connection thing.
> 18:11 <@cjd> You can "stack" your circuit setup packets if you're using UDP
> 18:11 <@cjd> stack -> all headers in the same packet
> 18:12 <@cjd> cjdns does the same thing

If this refers to including the circuit-extension packet which caused
a relay to open an OR connection in the first UDP packet that it sends
in order to open that connection, I agree that that would be a good
thing to do, although mostly for reasons that cjd isn't mentioning.

If this refers to setting up a complete three-node Tor circuit with
only one outgoing packet sent by the client, that can be implemented
without a UDP-based transport (and early versions of Tor did implement

Robert Ransom
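The majority-signature rule Robert describes for the v3 consensus is the reason one coerced or stolen authority key cannot produce an accepted fake directory. The following is an added illustration of that check, not code from this thread or from Tor itself: it uses Ed25519 as a stand-in for the RSA keys Tor's authorities actually use, the authority names and consensus text are constructed, and `Authority`, `Signature`, `NewAuthority` and `MajoritySigned` are hypothetical names.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
)

// Authority is a directory authority whose identity key the client ships with.
// Tor's authorities sign with RSA; Ed25519 is a stand-in for this example.
type Authority struct {
	Name string
	Pub  ed25519.PublicKey
}

// Signature is one signature block on a consensus document: the claimed
// signer plus the raw signature bytes.
type Signature struct {
	Signer string
	Sig    []byte
}

// NewAuthority makes a constructed authority and returns its private key,
// which in reality only that authority's operator holds.
func NewAuthority(name string) (Authority, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return Authority{Name: name, Pub: pub}, priv
}

// MajoritySigned reports whether doc carries valid signatures from more than
// half of the trusted authorities. Unknown signers, signatures that fail to
// verify, and repeat signatures from one authority do not count, so a single
// coerced or stolen signing key cannot produce an accepted consensus.
func MajoritySigned(doc []byte, sigs []Signature, trusted []Authority) bool {
	keys := make(map[string]ed25519.PublicKey, len(trusted))
	for _, a := range trusted {
		keys[a.Name] = a.Pub
	}
	valid := map[string]bool{}
	for _, s := range sigs {
		pub, known := keys[s.Signer]
		if known && !valid[s.Signer] && ed25519.Verify(pub, doc, s.Sig) {
			valid[s.Signer] = true
		}
	}
	return len(valid) > len(trusted)/2
}
```

With nine authorities, five valid signatures pass and four do not; the same signature repeated, or signatures made under an authority's name with a key it does not hold, are not counted.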
