Publishing sanitized bridge pool assignments

Nick Mathewson nickm at freehaven.net
Mon Jan 31 22:50:02 UTC 2011


On Mon, Jan 31, 2011 at 3:52 PM, Karsten Loesing
<karsten.loesing at gmx.net> wrote:
> On Mon, Jan 31, 2011 at 03:03:57PM -0500, Ian Goldberg wrote:
>> On Mon, Jan 31, 2011 at 08:37:00PM +0100, Karsten Loesing wrote:
>> > Here's a sample bridge pool assignment from September 2010 that is
>> > sanitized as described above (all IP addresses set to 127.0.0.1, contained
>> > fingerprints are SHA-1 hashes of the original fingerprints):
>> >
>> >   http://freehaven.net/~karsten/volatile/bridge-pool-assignment-sample
>> >
>> > This sample is there, so that everyone gets a better idea of what is meant
>> > by a bridge pool assignment.  Does anyone object to publishing tarballs of
>> > these sanitized bridge pool assignments on the metrics website, so that we
>> > (and anyone else) can analyze them?
>>
>> Is there enough entropy in the things you're hashing to prevent
>> reversing the hash?
>
> Well, I guess so.  We're hashing the bridge identity fingerprints.  From
> dir-spec.txt:
>
>    "fingerprint" fingerprint NL
>
>       [At most once]
>
>       A fingerprint (a HASH_LEN-byte of asn1 encoded public key, encoded in
>       hex, with a single space after every 4 characters) for this router's
>       identity key.
>
> Does this mean we're safe here?

I think we're okay.  A censor could in theory correlate this with
certificates, if it had them, but I think most automated certificate
crawlers will wind up with link certs only, so the censor will need to
do their own crawling to find bridges.

If we care a lot, we could instead have the sanitization process use
some secret X and report H(X|H(ID key)) in place of H(ID key).

-- 
Nick



More information about the tor-dev mailing list