Hey guys, here is another (great?) idea

Nick Mathewson nickm at freehaven.net
Sat Nov 19 18:56:15 UTC 2005


On Sat, Nov 19, 2005 at 12:45:48PM -0600, Arrakis Tor wrote:
 [reformatted to fix top-post.]
> On 11/19/05, Nick Mathewson <nickm at freehaven.net> wrote:
 [...]
> > (Yes, we know about existing p2p models, but the problem isn't
> > trivial.  It's easy to do bad things to anonymity by partitioning
> > client knowledge, or worse, isolating clients in adversary-targetable
> > zones.)
>
> How do routers do it with DNS tables, that we can't with Tor servers?

DNS maps names to values, and doesn't worry about vulnerabilities
resulting from an adversary knowing which clients have learned which
values.  That's not our problem.  Our problem is finding a way for
clients to learn about servers and build paths through those servers
so that if you (an adversary) see a client, and you control a
directory cache, and you control some servers, and you see part of the
client's path, you can't deduce with a better-than-chance probability
whether the path was generated by the client.

Section 5.2 http://tor.eff.org/cvs/tor/doc/design-paper/challenges.pdf
discusses this in more detail.  I cannot possibly recommend this paper
highly enough to people who want to help with design.

yrs,
-- 
Nick Mathewson
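
A toy model of the partitioning problem described in the reply above, added here as an illustration; it is not part of the original message and is not Tor code. The relay and client names, the sliding-window partition and the uniform-guess adversary are all assumptions made for the example.

```python
# Constructed toy network: 8 relays, 6 clients. Not real Tor data.
RELAYS = [f"r{i}" for i in range(8)]
CLIENTS = [f"c{i}" for i in range(6)]


def full_views():
    """Every client learns the whole relay list (one shared directory view)."""
    return {c: frozenset(RELAYS) for c in CLIENTS}


def partitioned_views(size=4):
    """Each client learns only a sliding window of `size` relays, as if
    directory knowledge were split up between clients (assumed scheme)."""
    n = len(RELAYS)
    return {c: frozenset(RELAYS[(i + k) % n] for k in range(size))
            for i, c in enumerate(CLIENTS)}


def candidate_clients(views, observed_hops):
    """Clients that could have generated a path containing the observed
    hops: those whose known-relay view includes every observed relay."""
    seen = set(observed_hops)
    return sorted(c for c, known in views.items() if seen <= known)


def guess_probability(views, observed_hops):
    """Chance of naming the right client by guessing uniformly among the
    remaining candidates. 1/len(CLIENTS) is the chance baseline."""
    cands = candidate_clients(views, observed_hops)
    return 1 / len(cands) if cands else 0.0


if __name__ == "__main__":
    for label, views in (("full", full_views()),
                         ("partitioned", partitioned_views())):
        for hops in (["r3", "r4"], ["r0", "r3"]):
            print(label, hops, candidate_clients(views, hops),
                  round(guess_probability(views, hops), 3))
```

With a shared view, seeing part of a path leaves all six clients equally likely; with partitioned views the same observation narrows the set to three clients, or to one.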