[tor-talk] Tor VoIP PBX Architecture Discussion / Onioncat

Iain Learmonth irl at torproject.org
Tue Oct 23 12:49:06 UTC 2018


Hi,

On 23/10/18 01:27, grarpamp wrote:
> Bittorrent users don't need lifetime / PQC level authentication
> between peers, they just need enough to prevent nuisance
> collisions from degrading operations. Today even the less
> than 32 bits of IPv4 (reality: users don't typically brute the ISPs)
> are working just fine for that, and the 80 bits over Onioncat will
> be sufficient for that for foreseeable future. Where they need many
> more equivalent bits of strength is likely in encryption, integrity,
> and anonymity, not authentication.

This is an area with a lot of open research questions. I understand that
users have different requirements, but as I understand it, v2 Onion
services will not be around forever and while I don't have data on this
I don't believe that there would be enough users to have the momentum to
fork the Tor network.

> Yes, one cannot rationally overload all 128 bits for that without colliding
> upon allocated IPv6 space that may appear in one's host stack.
> However the 1:1 key network can be larger than 80 bit. One could
> easily play with up to say 125 bits by squatting on entirely
> unallocated space. (Unlike the clear mistake CJDNS made by
> squatting on space already allocated for a specific and conflicting
> real world in stack purpose.) Obviously the common library widths
> of 96 and 112 could be keyed. And request could be made for a
> formal allocation if compatibility and compliance was felt needed
> by some mental gymnastics.
> 
> https://www.iana.org/assignments/ipv6-address-space/ipv6-address-space.xhtml

One thing I have discussed with the IETF Internet Architecture Board
(IAB) in the past is some sort of scheme for IPv6 addressing for overlay
networks. The result of that discussion was basically get an allocation
from your RIR. You can get a /32 giving you 96 bits to play with. If you
want you can announce it via BGP and provide gateways to the Internet
but it's not required. This gives you collision-free space.

The direct mapping between the IP address and an Onion service though is
the problem. How do you discover the Onion service public key when you
only have 96 bits of data?

> People would like IPv6 and UDP (even raw IP) transport because
> their host stacks support it, the internet is moving to it,
> many applications simply don't speak .onion or torify poorly,
> and it's an interesting capability to plug into other things.

I think I see it more as a transition-mechanism than an end goal. If I
had the time, it's 50/50 right now whether I would work on v3 OnionCat
or some Onion-native version of a protocol (via some kind of AF_ONION
sockets). An interesting fact I learnt recently is that FTP predates TCP
and was actually "ported" after its original development.

> Whether in Tor or some other existing or new network,
> try getting together to develop it, or white papering why it
> cannot be done in any network ever. Whichever outcome,
> any good research there would be a useful addition
> to the set other projects might reference in developing
> their own work.

+1 would encourage anyone that wanted to do research in this area.

Thanks,
Iain.
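
The mapping problem raised above, as an added example that is not part of the original message: an 80-bit v2 onion ID fits losslessly under OnionCat's fd87:d87e:eb43::/48 prefix, while a 256-bit v3 key can only be truncated into the 96 host bits of a /32. The /32 used here (the 2001:db8::/32 documentation prefix), the hash-truncation scheme and the sample key are assumptions made for illustration.

```python
import base64, hashlib, ipaddress

# OnionCat's prefix for v2 onions (OnionCat's value, not stated in the message).
ONIONCAT_V2 = ipaddress.IPv6Network("fd87:d87e:eb43::/48")

def _label(onion):
    return base64.b32decode(onion.split(".")[0].upper())

def v2_to_ipv6(onion):
    """Reversible: the whole 80-bit v2 ID fits in the 80 host bits of the /48."""
    raw = _label(onion)
    if len(raw) != 10:
        raise ValueError("v2 onion IDs are exactly 80 bits")
    return ipaddress.IPv6Address(int(ONIONCAT_V2.network_address) | int.from_bytes(raw, "big"))

def ipv6_to_v2(addr):
    addr = ipaddress.IPv6Address(addr)
    if addr not in ONIONCAT_V2:
        raise ValueError("not an OnionCat v2 address")
    raw = (int(addr) & ((1 << 80) - 1)).to_bytes(10, "big")
    return base64.b32encode(raw).decode().lower() + ".onion"

def v3_encode(pubkey):
    """v3 address = base32(32-byte key || 2-byte checksum || version 0x03)."""
    version = b"\x03"
    checksum = hashlib.sha3_256(b".onion checksum" + pubkey + version).digest()[:2]
    return base64.b32encode(pubkey + checksum + version).decode().lower() + ".onion"

def v3_pubkey(onion):
    raw = _label(onion)
    if len(raw) != 35 or raw != _label(v3_encode(raw[:32])):
        raise ValueError("bad v3 address (length, version or checksum)")
    return raw[:32]

def v3_to_ipv6(onion, prefix="2001:db8::/32"):
    """Hypothetical one-way mapping: truncate a hash of the key to the host bits.
    Returns (address, key bits that cannot be recovered from the address)."""
    net = ipaddress.IPv6Network(prefix)
    host_bits = 128 - net.prefixlen
    digest = hashlib.sha3_256(v3_pubkey(onion)).digest()
    host = int.from_bytes(digest, "big") >> (256 - host_bits)
    return ipaddress.IPv6Address(int(net.network_address) | host), 256 - host_bits

if __name__ == "__main__":
    v2 = "abcdefghijklmnop.onion"            # constructed v2 ID
    print(v2, "<->", v2_to_ipv6(v2), "<->", ipv6_to_v2(v2_to_ipv6(v2)))
    v3 = v3_encode(bytes(range(32)))          # constructed key bytes, not a real service
    addr, lost = v3_to_ipv6(v3)
    print(v3, "->", addr, f"({lost} key bits need an out-of-band lookup)")
```

With v2 the IPv6 address is the service identifier, so the peer's onion name is recomputed locally; with the truncated v3 mapping the address only commits to 96 bits of a hash, so the full key has to come from some separate directory or exchange.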
