[tor-dev] Proposal xxx: Consensus Hash Chaining

Sebastian G. <bastik.tor> bastik.tor at googlemail.com
Tue Jan 6 18:54:13 UTC 2015


06.01.2015, 18:51 Andrea Shepard:
> Here's a proposal Nick Mathewson and I just wrote for ticket #11157.
> 
> [...] 
> 1. Introduction and overview
> 
> To avoid some categories of attacks against directory authorities and their
> keys, it would be handy to have an explicit hash chain in consensuses.
> 
> 2. Directory authority operation
> 
> We add the following field to votes and consensuses:
> 
>         previous-consensus ISOTIME [SP HashName "=" Base16]* NL
> 
> where HashName is any keyword.
> 
>[...]

To quote Nick Mathewson "I forget what else this was supposed to be good
for." (see the ticket)

I fail to see what kind of attacks would be prevented/avoided.

It's just "we authorities agree that we know these previous consensuses"
isn't it?

Let's say one gets a copy of some authorities' key(s), blocks access
to it/them, forges the IP addresses as they are hardcoded and then he
makes them give the Guard flag to some relays he controls. Those
consensuses would contain the previous hashes as well.

OK that might not be the case it should work against, but I fail to
understand what it adds to security since an attacker would have access
to the previous consensuses as well and therefore be able to create a
hash of it.

I understand that it allows the network to notice if I feed it a valid
consensus (because I got enough of the right keys to sign it) that
doesn't include any or wrong hashes of previous consensuses.

Nevertheless it wouldn't do any damage either, besides what was mentioned
in the security implications.

Best Regards,
Sebastian G.
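
An added example, not part of the original thread or of Tor's code: a parser for the `previous-consensus` line quoted in the message, with the check the reply describes (noticing a consensus whose back-link hashes are missing or wrong). The ISOTIME layout, the keyword character set, the supported hash names and the assumption that a digest covers the whole previous document are not in the quoted excerpt; the sample data is constructed.

```python
import hashlib
import re
from datetime import datetime

# Grammar quoted above: previous-consensus ISOTIME [SP HashName "=" Base16]* NL
# Assumptions: ISOTIME is "YYYY-MM-DD HH:MM:SS" and a keyword is [A-Za-z0-9-]+.
LINE_RE = re.compile(r"previous-consensus (\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2})"
                     r"((?: [A-Za-z0-9-]+=[0-9A-Fa-f]+)*)\n?")
# Assumption: hash names this checker understands; any other keyword is skipped.
KNOWN = {"sha256": hashlib.sha256, "sha512": hashlib.sha512}

def parse_previous_consensus(line):
    """Return (timestamp, {hash_name: lowercase_hex}); raise ValueError if malformed."""
    m = LINE_RE.fullmatch(line)
    if not m:
        raise ValueError("malformed previous-consensus line")
    when = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S")
    digests = {}
    for item in m.group(2).split():
        name, _, value = item.partition("=")
        if name in digests:
            raise ValueError("duplicate hash name: " + name)
        digests[name] = value.lower()
    return when, digests

def check_link(line, previous_doc):
    """Classify the back-link in `line` against previous_doc (bytes).

    Assumption: each digest covers the whole previous document.
    """
    _, digests = parse_previous_consensus(line)
    usable = {n: d for n, d in digests.items() if n in KNOWN}
    if not usable:
        return "no-usable-hash"   # field empty, or only unknown hash names
    for name, claimed in usable.items():
        if KNOWN[name](previous_doc).hexdigest() != claimed:
            return "mismatch"     # points at a different history
    return "ok"

# Constructed sample data, not a real consensus.
SAMPLE_PREV = b"network-status-version 3\nvalid-after 2015-01-06 17:00:00\n"
SAMPLE_LINE = ("previous-consensus 2015-01-06 17:00:00 sha256="
               + hashlib.sha256(SAMPLE_PREV).hexdigest().upper()
               + " futurehash=AB12\n")

if __name__ == "__main__":
    print(check_link(SAMPLE_LINE, SAMPLE_PREV))          # intact chain
    print(check_link(SAMPLE_LINE, SAMPLE_PREV + b"x"))   # altered predecessor
```

The check only tells a verifier that the new document names the predecessor it already holds; it says nothing about who signed the new document.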

