[tor-dev] On the visualization of OONI bridge reachability data

Matthew Finkel matthew.finkel at gmail.com
Sat Oct 25 11:26:50 UTC 2014


On Sat, Oct 25, 2014 at 01:01:52PM +0200, Karsten Loesing wrote:
> On 24/10/14 01:53, isis wrote:
> > isis transcribed 6.6K bytes:
> >>    * The hashed fingerprint (as is the case for bridges in onionoo)
> >>    * The hashed ip:port
> > 
> > Actually, my apologies, I was quite tired when I wrote this and totally
> > completely wrong.
> > 
> > A hashed ip:port would be a terrible idea because IPv4 space is only 2^32 and
> > ports are 2^16. In total that's a 2^48 message space. Hashing for a preimage
> > to get the bridge addresses is quite feasible in those constraints, as well as
> > precomputing the attack offline.
> > 
> > We should come up with a different way to hide ip:ports.
> 
> I'm lacking context, but just in case this is even remotely relevant,
> here's how CollecTor sanitizes bridge IP addresses:
> 
> https://collector.torproject.org/formats.html#bridge-descriptors

Hey Karsten,

Yes, this is very relevant, thanks! Currently our plan involves
keying the JSON dataset using unsanitized "IP Address:port" internally
and the sanitized public version will replace this key with
H(H(fingerprint)). This seems like the easiest way to avoid the
problem of leaking the IP address.

At this point, we don't think we need an IP address in the resulting
dataset, so a unique, linkable fingerprint seems sufficient. If we
find that IP addresses are useful then CollecTor's algorithm seems like
a good starting point.

- Matt
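
Added example (not part of the original message, and not OONI, BridgeDB or CollecTor code): a sketch of the re-keying described above, where the internal "ip:port" keys are replaced by H(H(fingerprint)) in the public dataset. It assumes H is SHA-1 over the 20-byte binary fingerprint; the record layout, field names and sample data are constructed for illustration.

```python
import hashlib

# Hypothetical measurement fields that are allowed into the public dataset.
PUBLIC_FIELDS = ("probe_cc", "timestamp", "reachable")

def h(hex_value: str) -> str:
    """One round of H. Assumption: SHA-1 over the 20-byte binary value, upper-case hex."""
    raw = bytes.fromhex(hex_value)
    if len(raw) != 20:
        raise ValueError("expected 40 hex characters")
    return hashlib.sha1(raw).hexdigest().upper()

def public_key(fingerprint: str) -> str:
    """H(H(fingerprint)), the key of the sanitized public dataset."""
    return h(h(fingerprint))

def sanitize(internal: dict) -> dict:
    """Re-key {"ip:port": record} by H(H(fingerprint)); copy allow-listed fields only."""
    public = {}
    for endpoint, record in internal.items():
        fingerprint = record["fingerprint"]
        ip = endpoint.rsplit(":", 1)[0].strip("[]")  # also handles "[v6]:port"
        # Endpoints of the same bridge collapse into one linkable public entry.
        entry = public.setdefault(public_key(fingerprint), {"measurements": []})
        for measurement in record["measurements"]:
            clean = {k: measurement[k] for k in PUBLIC_FIELDS}
            # Refuse to publish if an address or raw fingerprint hides in a value.
            for value in clean.values():
                if ip in str(value) or fingerprint.lower() in str(value).lower():
                    raise ValueError("sensitive value in field of " + endpoint)
            entry["measurements"].append(clean)
    return public

# Constructed sample data: documentation-range addresses, made-up fingerprints.
FP_A = "0123456789ABCDEF0123456789ABCDEF01234567"
FP_B = "89ABCDEF0123456789ABCDEF0123456789ABCDEF"
INTERNAL = {
    "192.0.2.10:443": {"fingerprint": FP_A, "measurements": [
        {"probe_cc": "XX", "timestamp": "2014-10-20T12:00:00Z", "reachable": True,
         "probe_ip": "198.51.100.7"}]},
    "192.0.2.10:9001": {"fingerprint": FP_A, "measurements": [
        {"probe_cc": "YY", "timestamp": "2014-10-21T12:00:00Z", "reachable": False}]},
    "[2001:db8::5]:443": {"fingerprint": FP_B, "measurements": [
        {"probe_cc": "XX", "timestamp": "2014-10-20T12:05:00Z", "reachable": True}]},
}

if __name__ == "__main__":
    import json
    print(json.dumps(sanitize(INTERNAL), indent=2))
```

The two endpoints that share a fingerprint end up under one public key, which is the "unique, linkable fingerprint" property, and the unlisted `probe_ip` field is dropped by the allow-list.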

