[tor-dev] Proposal 292: Mesh-based vanguards

Ian Goldberg iang at cs.uwaterloo.ca
Mon May 28 13:00:27 UTC 2018


On Mon, May 28, 2018 at 01:10:21PM +0300, George Kadianakis wrote:
> 2.2. Path restriction changes
> 
>   In order to avoid information leaks and ensure paths can be built, path
>   restrictions must be loosened.
> 
>   In particular, we allow the following:
>      1. Nodes from the same /16 and same family for any/all hops
>      2. Guard nodes can be chosen for RP/IP/HSDIR
>      3. Guard nodes can be chosen for hop before RP/IP/HSDIR.
> 
>   The first change prevents the situation where paths cannot be built if two
>   layers all share the same subnet and/or node family. It also prevents the
>   use of a different entry guard based on the family or subnet of the
>   IP, HSDIR, or RP.
> 
>   The second change prevents an adversary from forcing the use of a different
>   entry guard by enumerating all guard-flagged nodes as the RP.
> 
>   The third change prevents an adversary from learning the guard node by way
>   of noticing which nodes were not chosen for the hop before it.

To be clear, you are proposing removing these path restrictions for
which circuits?  All?  All HS-related?  All HS-related, but only if the
new options are turned on?
-- 
Ian Goldberg
Professor and University Research Chair
Cheriton School of Computer Science
University of Waterloo
