[tor-dev] Request info about how the Tor HS DoS works

[juanjo]

Hello, since months ago we are debating proposals about how to stop HS 
being DDoSed. We have many open issues and even developed in a rush a 
fix "just for the network" (not HS availability).

But, I have not seen yet a good explanation about what is really 
happening when HS is being DDoSed by this famous and effective attack. I 
mean, the only thing I know about it is that its goal is to send a ton 
of INTRODUCE2 cells to the HS, but, what is the cost for the attacker? 
Some questions need to be answered, at least If I want to understand it 
and make a proposal for fixing this issues.

*Questions:*

Is the attacker building a circuit to the Rendz point as expected by the 
protocol? How can we be sure of that?

-Attacker (client) to Rendezvous point circuit:

What is exactly happening on this circuit and how can the attacker 
improve the attack?

Is the attacker using the same Rendz over and over for its INTRODUCE1? A 
new circuit to the Rendz? Can the first two hops of a circuit be reused 
(only changing the exit node) so it can build a new circuit to a new 
Rendz faster and make the attack better?

-Attacker (client) to Intro point:

what is exactly happening on this side of the equation?


Sorry, but I could not find the answer to these questions and what is 
going on on any ticket or this mail lists.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20200107/fd41fd47/attachment.html>