[tor-bugs] #2709 [Tor Relay]: Relays can trick authorities into assigning the hsdir flag early
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Fri Mar 11 18:09:35 UTC 2011
#2709: Relays can trick authorities into assigning the hsdir flag early
-----------------------+----------------------------------------------------
Reporter: Sebastian | Owner:
Type: defect | Status: needs_review
Priority: normal | Milestone: Tor: 0.2.2.x-final
Component: Tor Relay | Version:
Keywords: | Parent:
Points: | Actualpoints:
-----------------------+----------------------------------------------------
Comment(by Sebastian):
Replying to [comment:3 nickm]:
> Reviewing the patch:
>
> * I want to clarify the changes file to specify the attack a little
more accurately.
> * I want to avoid a the possibility of negative uptimes.
>
> I've pushed a tweak to a hsdir_assignment branch in my public
repository.
The fixes look good to me.
> Another security measure: perhaps the authorities should simply not
allow more than N identities per IP per time-unit. If a router is
frequently changing its identity, it's probably up to no good. Worth
writing a proposal there.
I disagree here. New relay operators that experience some problem often
wipe their keys frequently, and also people might share the same IP
address if they get one assigned on the fly. I suppose this should be out
of scope here, and be discussed in a proposal if it happens.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2709#comment:4>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list