Hacker strikes through student's router

loki tiwaz loki_tiwaz at hotmail.com
Fri Nov 11 12:40:06 UTC 2005 

i see the problem, the conundrum is to enable identification of server 
originated traffic without creating identity-revealing data.

Perhaps the nym server thing is exactly the solution that is required, blind 
signed keys which do nothing more than certify that the recipient of the 
signature is known to be a server.


>From: Anthony DiPierro <or at inbox.org>
>Reply-To: or-talk at freehaven.net
>To: or-talk at freehaven.net
>Subject: Re: Hacker strikes through student's router
>Date: Fri, 11 Nov 2005 06:57:05 -0500
>
>On 11/11/05, Eugen Leitl <eugen at leitl.org> wrote:
> > On Fri, Nov 11, 2005 at 10:47:24AM +0000, loki tiwaz wrote:
> >
> > > or how about don't bother with the electronic cash thing, make a 
>protocol
> > > which signifies that the packet originated from a tor server and have 
>these
> > > packets prioritised. then the p2p folks will be more likely to set up 
>nodes
> >
> > How do you propose to prove that the packet originated from a bona fide
> > Tor server, without agoric load leveling?
>
>In case you're wondering, like I was, "Agoric comes from agora, the
>Greek word for marketplace. The programs and computers in these
>systems become buyers and sellers of resources, much like a real-life
>marketplace. Buyers compete against one another for scarce resources
>and try to get the best price they can, while sellers attempt to
>maximize their profit."
>http://www.wired.com/wired/archive/4.12/geek.html
>
>Anyway, I think the real difficulty here would be in implementing some
>sort of marketplace without having a significant effect on anonymity.
>I'm sure there are ways to do it, but it doesn't seem to me to be a
>trivial problem at all.  One advantage though is that in Tor the exit
>nodes themselves make essentially no attempt at being anonymous.  This
>is important, because it means they can be trusted to some extent
>based on their track record.
>
>One idea I've played with in my head for a different type of network,
>but which could apply to Tor too, is using processing power as the
>base unit.  Someone would set up a bunch of public/private keypairs or
>md5 hashes or some other sort of one-way function (destroying the
>answers which you'd have to trust them to do), and you'd have to crack
>them in order to get a token.  Different tokens would have different
>values depending on how widespread they were, because the same exit
>node wouldn't accept the same token twice, and as time goes on the
>tokens would get easier and easier to crack, so you'd have to have
>progressively harder to crack values to sustain this over time.  Using
>public/private keypairs of varying strengths would have the advantage
>that you could prove that you possess a token without actually giving
>up that token, but I'm not sure exactly what the use of that would be.
>
>So, to get a high priority packet through the system you crack a key
>and present it as a token to an exit node (using a key that isn't
>already in the possession of that exit node).  Yes, it'd be a crude
>system, among other things because the token wouldn't be transferred,
>it'd be copied, but it'd probably work "good enough", if for nothing
>else than to bootstrap some more elaborate system.  Cracking keys is
>also a waste of resources, so a better system should probably be
>developed over time.  But better systems seem to always rely on some
>sort of central authority - this system has no central authority (as
>long as you trust that the person who initially created the keys threw
>them away, anyway).  Maybe this is where the ability to prove you have
>a public/private keypair without giving it away would come into place,
>those who could prove a high level of trust could create a
>pseudonymous identity and implement one of many alternate currency
>systems.
>
>I think this system would be fairly anonymous.  But it would give a
>bit of a paper trail to those attacking the anonymity of Tor.
>
>Anthony

_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE! 
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/

More information about the tor-talk mailing list