[tor-dev] Needs Code Review: Shared Randomness Generation for Tor

Wed Jan 13 09:02:24 UTC 2016

On 13 Jan (11:34:05), Tim Wilson-Brown - teor wrote:
> 
> > On 13 Jan 2016, at 01:46, George Kadianakis <desnacked at riseup.net> wrote:
> > 
> > Hello there,
> > 
> > we are happy to tell you that we finished coding proposal 250 and our first
> > attempt at implementation is ready for review.
> > 
> > You can find the final specification here:
> >     https://gitweb.torproject.org/user/dgoulet/torspec.git/log/?h=prop250_final_v1
> > and the corresponding code here:
> >     https://gitweb.torproject.org/user/dgoulet/tor.git/log/?h=prop250_final_v1
> > 
> > Trac ticket #16943 (https://trac.torproject.org/projects/tor/ticket/16943) will
> > be used for code review. Please use this mailing list to discuss any issues
> > with the spec.
> > 
> > Some notes: We've separated this in 7 commits prefixed with prop250: except
> > first one that adds a needed tor_htonll/ntohll function to tor utils. This code
> > is mostly contained in two *new* files (with their headers) that are
> > shared-random.{c|h} and shared-random-state.{c|h}.
> > 
> > For what it's worth, we expect this code to run for a long time before the
> > shared random values generated by the authorities are used for anything
> > (e.g. HSDir scrambling).
> 
> I've seen you talk about using chutney for shared randomness generation.
> Can you open a ticket with a branch for the chutney SR template, so people can use it for testing?
> (And then we can merge it into chutney master about the same time this code goes into tor master.)

We've done extensive testing already with chutney. I don't think we need
a specific SR template since this is part of the voting system which
ultimately put the SR values in the consensus.

I mostly used the "hs" template for this and sometimes used a variation
of it with 9 dirauths instead of 3.

> 
> There's a make target, "test-network-all", that runs a series of chutney tests.
> Each of these tests finish in around 35 seconds.
> 
> Can we get a SR chutney template to finish in around that time?
> (With 10 second voting periods?)
> What is the minimum number of voting periods that shared randomness requires?
> (I understand the standard setting is 24, 12 for the commit, and 12 for the reveal.)

For now, that won't be possible :S, the number of rounds per phase (12
commits and 12 reveals) are hardcoded so no torrc options to change
them. We could make it that in TestingNetwork, this is divided by 4
having 3 and 3 but then we are at 60 seconds so :S... Do you think even
just that would be useful?

On the other hand, a very very useful test would be to have a way to
kill/spawn/kill/spawn dirauth to simulate reboots or a way to make them
miss voting periods. That doesn't sound to me that crazy difficult to
achieve with chutney and in that case we could have an epic SR template
that imposes conditions on dirauth lifetime.

Thanks!
David

> 
> Tim
> 
> Tim Wilson-Brown (teor)
> 
> teor2345 at gmail dot com
> PGP 968F094B
> 
> teor at blah dot im
> OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
> 

> _______________________________________________
> tor-dev mailing list
> tor-dev at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 603 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20160113/a58fccf7/attachment-0001.sig>