[tor-dev] Hidden Service Scaling

Michael Rogers michael at briarproject.org
Wed May 7 12:51:56 UTC 2014 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 06/05/14 22:17, Christopher Baines wrote:
> On 06/05/14 22:07, Christopher Baines wrote:
>> On 06/05/14 15:29, Michael Rogers wrote:
>>> I'm interested in your work because the hidden service
>>> protocol doesn't seem to perform very well for hidden services
>>> running on mobile devices, which frequently lose network
>>> connectivity. I wonder if the situation can be improved by
>>> choosing introduction points deterministically.
>> 
>> Unfortunately, I don't really see how anything I have done could
>> have helped with this. Assuming that the mobile device has
>> maintained connectivity during the connection phase, and you now
>> have the 6 hop circuit through the RP, the behaviour from then on
>> is unchanged, and this is where I assume the problems with
>> loosing connectivity occur?
> 
> Right, attempt two, I think I may have misinterpreted what you
> said. The above response relates to client behaviour for hidden
> services. Am I correct in saying that you actually mean hosting the
> hidden service from a mobile device?

That's right.

> If so, then yes. When I implemented the deterministic selection of 
> introduction points, I had to implement a reconnection mechanism
> to ensure that the introduction point would only be changed if it
> had failed, and not in the case of intermittent network issues (the
> degree to which I have actually done this might vary).

Is it necessary to know why the circuit broke, or is it sufficient to
try rebuilding the circuit, and pick a new IP if the old one isn't
reachable?

What about the attack suggested by waldo, where a malicious IP
repeatedly breaks the circuit until it's rebuilt through a malicious
middle node? Are entry guards enough to protect the service's
anonymity in that case?

Cheers,
Michael
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBCAAGBQJTaixsAAoJEBEET9GfxSfMjskH/1hnkZkXDgPOJzP8ymiM+YYx
HGrbhPRTNz4cLCADXruNNmr4an4Zx5ldfNhbfxuzUGyx1Rbu125sNb7nUb6TO+I0
Gnm6M+1kM26BK5yEmnFGuaxFR+wyVdm5ApeTlY6XujVV05AiJF1PUrWBV7RAnD6l
IEahC5sqhNG1ERhGVNx834lg9lVKWZ1M/X1iMzZY2EEtaH1kr2XgBMDVf+I3VO3l
VInDH/IWYdOURYuOb8L1Zc/4GPG+Xx7LZJ+flHodCTkCyv4Ey5QIykUxi9lyIhnD
PWrJVvmJH36/2rN9VoukwDAnI+88joPE8s7UlTaK21P8f0G8S5SpjhKU2PRKzvw=
=FklY
-----END PGP SIGNATURE-----

More information about the tor-dev mailing list