[tor-onions] Limits on Next-Gen Hidden Services
teor
teor2345 at gmail.com
Fri Nov 18 23:32:36 UTC 2016
Hi,
asn has done some great design work on next-generation hidden services,
and has arrived at some size limits:
"- I feel that the max settings imposed by the 50k max size limit, will satisfy
most crazy hidden service use cases that someone might have wrt scalability
or number of authed clients. It can support up to 350 authed clients, and 20
intro points. We should increase the max size limit, if we want to support
more advanced use cases.
- I also feel the configurations that fit in the default descriptor (of 10k
bytes blob) will probably satisfy most hidden service use cases out there as
it can support up to 80 authed clients, and up to 11 intro points. The
anonymity set of those hidden services descriptors will be good wrt snooping HSDirs.
- Giant hidden service descriptors will stand out and their anonymity set will
likely be small. I think such giant hidden services should perhaps split
their info to multiple descriptors using some sort of stealth-auth mechanism
(where they give different onion address to different clients).
Alternatively, we should change our padding rules, or always pad to max
descriptor size."
asn has also made the maximum size a consensus parameter, so it can be
changed if needed.
Please reply to asn's tor-dev email:
https://lists.torproject.org/pipermail/tor-dev/2016-November/011658.html
T
--
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
ricochet:ekmygaiu4rzgsk6n
xmpp: teor at torproject dot org
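
Added example, not part of the message above and not Tor code: it compares what a snooping HSDir learns from descriptor size under two padding policies, the second being the "always pad to max descriptor size" alternative from the quoted text. It assumes the current rule rounds up to the next multiple of the 10k default blob; the function names are hypothetical and the population of descriptor sizes is constructed.

```python
from collections import Counter

BLOCK = 10_000     # size of the "default descriptor" blob quoted in the email
MAX_SIZE = 50_000  # max size limit quoted in the email

def _check(n):
    if not 0 < n <= MAX_SIZE:
        raise ValueError(f"descriptor size {n} outside 1..{MAX_SIZE}")

def pad_to_block(n):
    """Assumed current rule: round up to the next multiple of BLOCK."""
    _check(n)
    return -(-n // BLOCK) * BLOCK

def pad_to_max(n):
    """Alternative from the email: always pad to the maximum size."""
    _check(n)
    return MAX_SIZE

def observe(sizes, policy):
    """Return ({observed size: number of services}, total padding bytes)."""
    padded = [policy(n) for n in sizes]
    overhead = sum(p - n for p, n in zip(padded, sizes))
    return dict(Counter(padded)), overhead

# Constructed population of 100 unpadded descriptor sizes (not measured data).
SAMPLE = [3_200] * 90 + [9_800] * 6 + [14_500] * 3 + [48_000]

if __name__ == "__main__":
    for policy in (pad_to_block, pad_to_max):
        sets, overhead = observe(SAMPLE, policy)
        print(policy.__name__)
        for size, count in sorted(sets.items()):
            print(f"  HSDir sees {size:>6} bytes: anonymity set of {count}")
        print(f"  padding overhead: {overhead} bytes")
```

With this sample the single large service is alone in its size class under block padding, while padding everything to the maximum hides it at roughly seven times the padding cost.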