[tor-dev] Proposal for PoW DoS defenses during introduction (was Re: Proposal 305: ESTABLISH_INTRO Cell DoS Defense Extension)
Georg Koppen
gk at torproject.org
Thu Jun 20 04:22:00 UTC 2019
Watson Ladd:
> On Tue, Jun 18, 2019 at 6:29 PM Chelsea Holland Komlo
> <me at chelseakomlo.com> wrote:
>>
>> There are a couple approaches to consider.
>>
>> POW via hashing goes for a relatively simple to implement approach.
>> However, this incurs a high cost for all clients, and also environmental
>> damage, per previous email.
>>
>> Another approach similar to the above (but more environmentally
>> friendly) can be Proof of Storage (or proof of space), as in
>> https://eprint.iacr.org/2013/796.pdf
>>
>> With both of the above approaches, there will be a tradeoff to what the
>> cost is to deter a would-be attacker, versus the cost to real but
>> bandwidth/cpu limited clients, such as on mobile platforms.
>>
>> More involved approaches include anonymous blacklists/whitelists,
>> blinded tokens, etc. Previous work has been done in this space, here is
>> one example:
>> https://crysp.uwaterloo.ca/courses/pet/F11/cache/www-users.cs.umn.edu/~hopper/faust-wpes.pdf
>
> Privacy Pass has already been integrated into Tor Browser. Perhaps
> work could be done to use it here?
Where do you see that is has been integrated? As far as I know that's
not the case even though there are still plans to evaluate the latest
iteration closer to get a better understanding about whether it would be
good to integrate it.
[snip]
Georg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20190620/2bb16b13/attachment-0001.sig>
More information about the tor-dev
mailing list