[tor-dev] Scaling tor for a global population

Nikita Borisov nikita at illinois.edu
Tue Sep 30 12:02:23 UTC 2014

On Tue, Sep 30, 2014 at 6:29 AM, Prateek Mittal <pmittal at princeton.edu> wrote:
>>   4. The *increase* to descriptor size is not well factored in to the
>> analysis.
>>     4.b. All of the Directory Authorities would need to sign each and
>> every
>>           descriptor by itself. This would result in the current
>>           microdescriptors, which are sized from roughly 900 bytes to some
>> of
>>           the larger ones which are 2.5 KB, increasing in size by roughly
>> 4 KB
>>           (that's the size of the DirAuth signatures on the current
>> consensus).
> I am not sure which signature scheme you are considering. In the paper, we
> talk about threshold BLS signatures, which have only 22 byte overhead. (This
> might increase for better security guarantees, but 4KB overhead seems very
> conservative.)

You can make this even lower because every PIR query returns a block
which is roughly square root the size of the entire database; you
would only need to have a signature on each block.

- Nikita
Nikita Borisov - http://hatswitch.org/~nikita/
Associate Professor, Electrical and Computer Engineering
Tel: +1 (217) 244-5385, Office: 460 CSL

More information about the tor-dev mailing list