[tor-bugs] #26294 [Core Tor/Tor]: attacker can force intro point rotation by ddos
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sat Jun 15 13:38:05 UTC 2019
#26294: attacker can force intro point rotation by ddos
-------------------------------------------------+-------------------------
Reporter: arma | Owner: asn
Type: defect | Status:
| assigned
Priority: Medium | Milestone: Tor:
| unspecified
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: tor-hs, tor-dos, network-team- | Actual Points:
roadmap-2019-Q1Q2 |
Parent ID: #29999 | Points: 7
Reviewer: | Sponsor:
| Sponsor27-must
-------------------------------------------------+-------------------------
Comment (by cypherpunks):
My concern about a proof of work approach is it appears to open a back
channel where a hidden service operator has influence over client
behaviour. This could result in clients executing possibly rarely
used/exploitable codepaths, or new correlation attacks. For example, the
hidden service operator sets a requirement for a PoW that takes 1.21 KW to
compute. The operator has also hacked in to an energy company with high
resolution "smart" meters, then could sit back and watch as users login to
the service.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/26294#comment:12>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list