[tor-dev] resistance to rubberhose and UDP questions

Eugen Leitl eugen at leitl.org
Thu Oct 4 18:49:29 UTC 2012

On Thu, Oct 04, 2012 at 01:50:47PM -0400, Robert Ransom wrote:

> The v3 network consensus document must be signed by a majority of the
> (currently nine) directory authorities' signing keys.  None of the


> directory authorities are operated by Tor Project, Inc..

Is there a documented process by how these authorities are chosen,
and ways for third parties to audit that it's not a tentacle operation?
> > 18:07 <@cjd> run their own botnet with fake tor nodes so your circuit is
> > always owned
> TPI does not have the expertise needed to run a botnet for this purpose.

TPI being...?
> > 18:07 <+eleitl> I don't really know for sure, but there's intrinsic trust to
> > Tor developers, yes.
> > 18:08 <+eleitl> You can run your own Tor network, though.
> > 18:08 <+eleitl> Some botnets do that.
> Interesting.  Do you have a reference describing one of these botnets?

Sorry, that was typed in haste. The only botnet using Tor
I'm aware of is 


which uses the regular Tor network. Not aware of a botnet
running a private Tor network, though such a thing can be
not far behind.
> > 18:08 <@cjd> I trust them to make the software right, esp. since I could
> > check if they did.
> > 18:09 <@cjd> But a little arm twisting can change someone's motives pretty
> > fast.
> > 18:09 <+eleitl> Maintaining signing secrets is a problem.
> > 18:09 <+eleitl> They should have used a P2P design.
> Do you have a ‘P2P design’ for Tor which doesn't rely on trusted
> parties ‘maintaining signing secrets’ and which isn't broken?

No need to be snarky, I mean well. There are obviously ways in which
network quorum can eliminate authorities as a single point of failure
(see Bitcoin, Tahoe LAFS, etc).

> (Hint: No, you don't.)
> Do you have any ‘P2P design’ for Tor at all which isn't broken?

What very few people know: I'm actually a dog. W00f. I don't have the money or 
the skills to do anything which would survive more than a friendly sandbox.
Don't ask me for patches, I'll drag you in a wet skunk which has been dead for
a while.
> > 18:10 <@cjd> If someone (with government hat?) tells you they can make your
> > life hell...   I wouldn't fault them
> >              for doing what the man says.
> > 18:10 <@cjd> *wouldn't fault you
> > 18:10 <+eleitl> I'll try bugging some Tor developers about that scenario,
> > and see how they squirm.
> > 18:11 <+eleitl> Also, the UDP connection thing.
> > 18:11 <@cjd> You can "stack" your circuit setup packets if you're using UDP
> > 18:11 <@cjd> stack -> all headers in the same packet
> > 18:12 <@cjd> cjdns does the same thing
> If this refers to including the circuit-extension packet which caused
> a relay to open an OR connection in the first UDP packet that it sends
> in order to open that connection, I agree that that would be a good
> thing to do, although mostly for reasons that cjd isn't mentioning.
> If this refers to setting up a complete three-node Tor circuit with
> only one outgoing packet sent by the client, that can be implemented
> without a UDP-based transport (and early versions of Tor did implement
> it).

Thanks, I'll pass that on when I'm cjdnsland again.

By the way, I would be very interested in Tor developer's opinions about
the design of cjdns (of course, that's still pretty much in flux, and
parts of infrastructure missing, particularly P2P DNS).

More information about the tor-dev mailing list