[tor-dev] Proposal: Merging Hidden Service Directories and Introduction Points
desnacked at riseup.net
Thu Aug 20 17:23:01 UTC 2015
Michael Rogers <michael at briarproject.org> writes:
> On 12/07/15 22:48, John Brooks wrote:
>> 1.3. Other effects on proposal 224
>> An adversarial introduction point is not significantly more capable than a
>> hidden service directory under proposal 224. The differences are:
>> 1. The introduction point maintains a long-lived circuit with the service
>> 2. The introduction point can break that circuit and cause the service to
>> rebuild it
> Regarding this second difference: the introduction point (cooperating
> with a corrupt middle node) could potentially try to discover the
> service's guard by repeatedly breaking the circuit until it was rebuilt
> through the corrupt middle node. Would it make sense to use vanguards
> here, as well as on rendezvous circuits?
currently we address this intro point guard discovery attack by having hidden
services retry only 3 times. After those 3 times, they ditch that intro point
and pick another one.
That said proposal 247 suggests that hidden services use vanguards for both
rendezvous and introduction point circuits anyway.
More information about the tor-dev