Is it desirable to prevent users from choosing their own circuits?

Martin Fick mogulguy at yahoo.com
Thu Oct 1 19:13:21 UTC 2009


--- On Thu, 10/1/09, Brian Mearns <bmearns at ieee.org> wrote:

> My understanding is that Tor user's are responsible (via their client)
> for creating their own circuit, and that this is typically
> done at random. However, are there any safeguards in place to
> ensure that it is random, and would this be desirable? I would imagine
> that attackers might try to choose specific circuits in order to learn
> more about particular nodes, and the network in general. Would
> preventing this behavior be helpful, and if so, would it be helpful 
> enough to offset any disadvantage it causes for legit users?

I do not think that this would be desirable, random circuits
have their downfalls.  Other's can elaborate why better I am 
sure.


> My idea is pretty simple. Instead of creating the circuit
> through black-box means (relying on their local RNGs, for
> instance), the user would create some seed value S, and then 
> a list of random adjustment values, R0, R1, R2,..., one for 
> each relay in the circuit. The S value
> would be used to enforce randomness in the circuit, but the
> R values would be used to hide their circuit from relays as usual.
> 
> Creating the onion, the user would put a different R value
> into each layer, encrypted for that relay, of course. To create the
> circuit, they would take a hash of S+R0 to get the address of the
> first relay:
> A1 = H(S+R0), and then hash this plus R1 to get the second
> relay: A2 = H(H(S+R0)+R1)), and so on.

Perhaps I don't understand your suggestion, but how 
would a hash translate to a relay address?  The 
maximum possible strength of a hash is related to the 
size of its address space, if this is limited to the 
number of relays available, it would be pretty weak.  
I would imagine that an 8 bit cpu is likely to be 
able to easily run through enough hash input 
combinations to get the address of any tor relay in 
the network, wouldn't they?

-Martin



      
***********************************************************************
To unsubscribe, send an e-mail to majordomo at torproject.org with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/



More information about the tor-talk mailing list