Is it desirable to prevent users from choosing their own circuits?
Martin Fick
mogulguy at yahoo.com
Thu Oct 1 19:13:21 UTC 2009
--- On Thu, 10/1/09, Brian Mearns <bmearns at ieee.org> wrote:
> My understanding is that Tor users are responsible (via their client)
> for creating their own circuit, and that this is typically
> done at random. However, are there any safeguards in place to
> ensure that it is random, and would this be desirable? I would imagine
> that attackers might try to choose specific circuits in order to learn
> more about particular nodes, and the network in general. Would
> preventing this behavior be helpful, and if so, would it be helpful
> enough to offset any disadvantage it causes for legit users?
I do not think that this would be desirable; random circuits
have their downfalls. Others can elaborate why better, I am
sure.
> My idea is pretty simple. Instead of creating the circuit
> through black-box means (relying on their local RNGs, for
> instance), the user would create some seed value S, and then
> a list of random adjustment values, R0, R1, R2,..., one for
> each relay in the circuit. The S value
> would be used to enforce randomness in the circuit, but the
> R values would be used to hide their circuit from relays as usual.
>
> Creating the onion, the user would put a different R value
> into each layer, encrypted for that relay, of course. To create the
> circuit, they would take a hash of S+R0 to get the address of the
> first relay:
> A1 = H(S+R0), and then hash this plus R1 to get the second
> relay: A2 = H(H(S+R0)+R1), and so on.
Perhaps I don't understand your suggestion, but how
would a hash translate to a relay address? The
maximum possible strength of a hash is related to the
size of its address space; if this is limited to the
number of relays available, it would be pretty weak.
I would imagine that an 8-bit CPU is likely to be
able to easily run through enough hash input
combinations to get the address of any Tor relay in
the network, wouldn't it?
-Martin
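
The objection in the reply above, worked through as an added example that is not part of the original thread: if each hop is the hash output reduced to one of N relays, the client that picks the R values needs only about N hash evaluations per hop to land on any relay it wants, so the seed S does not enforce randomness. Assumptions: "+" is byte concatenation, H is SHA-256, the hash maps to a relay by reduction modulo the relay count, and the relay count of 1500 is a constructed figure.

```python
import hashlib

RELAY_COUNT = 1500  # constructed figure for illustration, not from the thread


def hop_digest(prev: bytes, r: bytes) -> bytes:
    """One step of the proposed chain: A_next = H(A_prev + R), '+' as concatenation."""
    return hashlib.sha256(prev + r).digest()


def relay_index(digest: bytes, relay_count: int = RELAY_COUNT) -> int:
    """Assumed mapping from a hash to a relay: digest modulo the relay count."""
    return int.from_bytes(digest, "big") % relay_count


def circuit_from(seed: bytes, r_values, relay_count: int = RELAY_COUNT):
    """Relay indices that a verifier would derive from S and R0, R1, ..."""
    prev, path = seed, []
    for r in r_values:
        prev = hop_digest(prev, r)
        path.append(relay_index(prev, relay_count))
    return path


def r_values_for(seed: bytes, wanted_path, relay_count: int = RELAY_COUNT):
    """Count the R candidates tested until the derived path equals wanted_path.

    Returns (r_values, total_hash_evaluations). Each hop is searched on its
    own, so the cost grows as hops * relay_count, not relay_count ** hops.
    """
    prev, r_values, total = seed, [], 0
    for wanted in wanted_path:
        counter = 0
        while True:
            r = counter.to_bytes(8, "big")
            counter += 1
            digest = hop_digest(prev, r)
            if relay_index(digest, relay_count) == wanted:
                break
        r_values.append(r)
        total += counter
        prev = digest
    return r_values, total


def average_cost_per_hop(trials: int = 200, relay_count: int = RELAY_COUNT) -> float:
    """Mean hash evaluations per hop over constructed seeds; expected ~relay_count."""
    total = 0
    for i in range(trials):
        seed = hashlib.sha256(b"constructed-seed-%d" % i).digest()
        total += r_values_for(seed, [i % relay_count], relay_count)[1]
    return total / trials
```

The cost is set by the relay count rather than by the 256-bit digest, which is the point about address space made in the reply; a design that wanted the path to be verifiably random would need inputs the client cannot choose freely.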