Relay flooding, confirmation, HS's, default relay, web of trust

Lucky Green shamrock at cypherpunks.to
Mon Dec 6 19:43:24 UTC 2010


On 2010-12-06 09:18, John Case wrote:
> 
> On Mon, 6 Dec 2010, grarpamp wrote:
[...]
>> Maybe there would also be benefit in a web of trust amongst nodes
>> not unlike a keysigning party. As with social networking, people
>> vouch for each other in various ways and strengths based on how
>> they feel that person meets them. I don't see any reason why node
>> operators [descriptors] could not keysign and have that web encoded
>> into the descriptors, directories, DHT, etc.
> 
> 
> I proposed early in the previous thread that not only should a web of
> trust be considered, but that this was indeed a classic case of a web of
> trust ... I didn't see any comment on this from the Big Names on the
> list, though...

The Web of Trust (WoT) concept provides for marginal security benefits
and then only in a very narrow set of circumstances that are unlikely to
hold true for the larger community of Tor node operators.

Starting with the second point, the WoT concept presumes that trust
between its members precedes the codification of that trust into
attestations attached to digital certificates.

In other words, the WoT might provide (but likely will not) security
benefits to a group of users that have pre-existing social relations and
trust. For example, members of a human rights group that have personally
known each other, or at least the bulk of each other, for years.

The WoT cannot provide security benefits to a group of users with no
pre-existing social trust relationship, such as the set of "Tor node
operators". The thousands of Tor node operators, a tiny percentage of
which have an existing social relationship, have no inherent trust
amongst each other. And how could they?

Absent an existing real-life WoT, there is no digital WoT to codify.

Even within a group that has a strong existing trust and social graph in
real life, the digital codification of a WoT offers security benefits
only at the extreme margins.

This fact is easiest explained by example:

o Fire up your preferred OpenPGP software. (If you don't have OpenPGP
software, then your understanding of how a WoT works is likely different
from what a WoT actually does).

o Eliminate all public keys for users with whom you do not intend to
communicate. (No communication security system can provide security
benefits to communications that will never take place).

o List the public keys that show as valid. (Meaning they are signed by
one or more keys that you trust to some degree).

o Eliminate all the public keys that are signed by your key. (Those keys
are not authenticated by the WoT, they were authenticated by you directly).

o Eliminate all the public keys that are signed by keys that you chose
to trust because they are the equivalent of CA root keys. This includes
Debian distribution signing keys, the keys of any commercial CA, and the
signing keys of auto-responder key servers such as the PGP Global
Directory. (Signatures performed by such keys do not employ the WoT).

o Look at the small number of public keys remaining. The keys are likely
from deep inside your social circle. Now eliminate all the public keys
that you could trivially authenticate directly, such as by asking a key
holders, who are well known to you, to provide you with their key's
fingerprint at work, at the next security conference, or the next time
you meet at the pub. (The WoT may have authenticated those keys, but the
WoT was not necessary to do so since you could have trivially
authenticated those few keys yourself).

o Lastly, count the remaining public keys. The number will likely be
zero (no real life benefit to the WoT) or close to zero (benefit only in
the extreme margins).

In summary, the WoT is not a suitable solution to increasing the
security of the Tor network.

--Lucky Green


***********************************************************************
To unsubscribe, send an e-mail to majordomo at torproject.org with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/



More information about the tor-talk mailing list