[tor-dev] Sharing Circuits Between Onion Servers and Clients
Watson Ladd
watsonbladd at gmail.com
Tue Oct 22 20:04:18 UTC 2024
On Tue, Oct 22, 2024 at 3:47 AM stifle_savage042--- via tor-dev
<tor-dev at lists.torproject.org> wrote:
>
> Hi all,
>
> I want to promote some recent work of mine in the hope that someone here will find it interesting or useful. In my most concise language, it is a "decentralized, asynchronous entropy generator protocol." I've made a somewhat complete demo implementation so far. Here's the repository: https://github.com/devnetsec/rand-num-consensus. The integrity of the entropy can only be compromised if all nodes in the ring are malicious and coinciding. Currently, a Tor client cannot anonymously connect to an onion service by directly contacting the rendezvous point, because that relay could have been chosen maliciously by the onion server. I wager that a scheme like this could enable onion servers and clients to share the same circuit. Both parties would have a guarantee that their relays were chosen randomly.
>
> The most similar solution I could find to this was in the TorCoin paper, but it appears to require a more complicated zero-knowledge proof. If there is serious interest in this, I'd be willing to write a proposal draft. Besides implementation difficulty, is there any outstanding flaw in this idea?
Uh, yes. Depending on how we class implementation difficulty.
- A node can go offline before revealing to influence the random
choice. This is very hard to deal with in general.
- Encryption isn't a commitment, particularly not with AES-GCM
Sincerely,
Watson Ladd
>
>
> Best Regards,
>
> Dylan Downey [devnetsec]
> _______________________________________________
> tor-dev mailing list
> tor-dev at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
--
Astra mortemque praestare gradatim
More information about the tor-dev
mailing list