[tor-dev] automatically detect many new identical/similar bridges

teor teor2345 at gmail.com
Wed Dec 14 10:24:50 UTC 2016

> On 14 Dec. 2016, at 21:09, nusenu <nusenu at openmailbox.org> wrote:
> another raw idea:
> - would the bridge auth be willing to publish a randomly generated AS
> identifier (regenerated daily) that allows new bridges added on the same
> day to be grouped by that identifier without directly disclosing the AS
> itself.

Bridges don't necessarily contact the bridge auth before producing their
descriptors. So we'd need a protocol change to do this.

> Note: This introduces a confirmation opportunity, where attackers can
> learn the AS in which a new bridge is added if they added a bridge in
> the same AS on the same day. To reduce this problem it could be a hourly
> generated identifier.

How could we avoid an adversary brute-forcing all the possible ASs and

We can use the shared random value in the consensus to prevent relays
knowing their position on the hidden service hash ring in advance, but
there's nothing stopping someone brute-forcing it in arrears.

So we'd need a concrete protocol that would allow correlation, but not
be able to be brute-forced. And we'd need something that doesn't have
a single point of failure (if only we had two bridge authorities, they
could do the shared random protocol).

Hmm, still worth thinking about...


Tim Wilson-Brown (teor)

teor2345 at gmail dot com
PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
xmpp: teor at torproject dot org

More information about the tor-dev mailing list