[tor-reports] Core Tor sponsorU report for October

Mon Nov 9 23:26:46 UTC 2015

Find attached the report for October (note: October was the last month of Y1) and a short summary of what is planned for Y2.

cheers,
Isabela

-- 
PM at TorProject.org
gpg fingerprint = 8F2A F9B6 D4A1 4D03 FDF1  B298 3224 4994 1506 4C7B
@isa

-------------- next part --------------
++ Core Tor report for October 2015

October was a wrapping-up month where we focused on delivering the previously unfinished Y1 items.  Work done this month includes:

  * Completing the DOS whitepaper, now available as a tech report[1].  It outlines the various possible directions for denial-of-service attacks against Tor, and suggests directions for work on mitigating them as efficiently as possible.

  * Finished our design work on key revocation in Tor[2]

  * Completing two new design proposals for resisting Denial of Service against the Tor network: [3] and [4]. Both are based on significant background research.

  * Finished a detailed technical specification of an improved guard node selection design [5].

  * Made progress on a proof-of-concept implementation for the improved guard node design [6]. This design is not yet a complete match for the specification, and more work will be needed before it's ready to transition to Tor.

  * Completing a total revision of our new-developer documentation [7], including a test-writing guide [8], and the start of a new guide to Tor's internals [9]. All of these have been used experimentally by new developers, and initial feedback has been highly positive.

1. https://research.torproject.org/techreports/dos-taxonomy-2015-10-29.pdf
2. https://gitweb.torproject.org/torspec.git/tree/proposals/256-key-revocation.txt
3. https://gitweb.torproject.org/torspec.git/tree/proposals/257-hiding-authorities.txt
4. https://gitweb.torproject.org/torspec.git/tree/proposals/258-dirauth-dos.txt
5. https://gitweb.torproject.org/torspec.git/tree/proposals/259-guard-selection.txt
6. https://github.com/nmathewson/guardsim
7. https://gitweb.torproject.org/tor.git/tree/doc/HACKING
8. https://gitweb.torproject.org/tor.git/tree/doc/HACKING/WritingTests.md
9. https://gitweb.torproject.org/user/nickm/torguts.git/tree/

++ Core Tor team plans for kicking off Y2

We'll be finishing the guard selection code implementation and running experiments on it over the course of November. Likely, our experiments here will result in further iterations of the design and of the code, converging on a final implementation.

Some of our Y2 tasks are already underway: The Ed25519 code is partially implemented, and some of the implemented portions are already deployed in Tor 0.2.7.   The design work we've done this year will continue to transition into practice in Y2.

Now that our DoS research is more advanced, we know which areas to work on in order to improve Tor's robustness against these attacks, and will be developing them in Y2.  Some are already in progress.

Our initial work on developer documentation will also form a good base for subsequent work on more modules: we'll be documenting them as we go, with feedback from developers about which areas need the most clarity.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-reports/attachments/20151109/72240316/attachment.sig>