Hey everyone,

A few days ago, I had a thought about choosing Tor guard nodes from within Tails. Since Tails doesn't save its state, Tails users pick up new Tor guard nodes at every restart. This compromises the defenses that Tor guards have, such as statistically preventing users from rotating to compromised Tor entry nodes.

However, what if Tails prompted the user for a passphrase or a series of words that was then used to select the Tor guards? If the user types in a string X, then we can seed a PRNG with the hash of X, then use the PRNG to select a set of Tor guard nodes. It's probably possible to define the guards by communicating with Tor's control port, or you could also write them directly into Tor's state file before starting Tor.

For example, if the user types in "correct horse battery staple", then we can run this through SHA-256, producing

73fe04e5a7a16dbe16492a8773036db1646d87e22337b1c64aae0afab788b626

This hash then initializes the Mersenne Twister PRNG, which then scrambles the list of Tor relays with the Guard flag. The first three nodes are then written for Tor to use. I'm sure there's a way to weigh the selection by consensus weight in the normal Tor fashion, but this should basically work.

I think it's important that a hash is used in order to mask any identifiable words that are in the initial seed. It also has the advantage of avoiding some of the (potential) problems with certain seeds of Mersenne Twister, so I think this is a good idea in general.

What do you guys think? Has this been proposed before?

--
Jesse V
_______________________________________________ Tails-dev mailing list [email protected] https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to [email protected].
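The selection scheme proposed in the message above, written out as an added example (not code from the original post, Tails or Tor). The function names and relay entries are constructed for illustration, and the optional weighted mode uses Efraimidis-Spirakis sampling as a stand-in, not Tor's own guard-selection algorithm.

```python
import hashlib
import random

# Constructed sample consensus entries: (fingerprint, flags, consensus weight).
# The fingerprints are made-up placeholders, not real relays.
SAMPLE_RELAYS = [
    ("A1" * 20, {"Guard", "Fast", "Stable"}, 5000),
    ("B2" * 20, {"Fast", "Exit"}, 9000),
    ("C3" * 20, {"Guard", "Fast"}, 1200),
    ("D4" * 20, {"Guard", "Stable"}, 300),
    ("E5" * 20, {"Guard", "Fast", "Stable"}, 7500),
    ("F6" * 20, {"Fast"}, 100),
]


def seed_from_passphrase(passphrase: str) -> int:
    """Hash the passphrase with SHA-256 and use the 256-bit digest as the seed."""
    digest = hashlib.sha256(passphrase.encode("utf-8")).digest()
    return int.from_bytes(digest, "big")


def select_guards(passphrase, relays, count=3, weighted=False):
    """Deterministically pick `count` Guard-flagged relays from a passphrase."""
    # Keep only Guard relays and sort by fingerprint, so the result depends on
    # the set of guards and not on the order the consensus was parsed in.
    guards = sorted((fp, w) for fp, flags, w in relays if "Guard" in flags)
    rng = random.Random(seed_from_passphrase(passphrase))  # Mersenne Twister
    if weighted:
        # Weighted sampling without replacement: draw u in [0, 1) per relay,
        # rank by u ** (1 / weight), keep the largest keys. Higher-weight
        # relays are more likely to be chosen. Zero-weight relays are skipped.
        keyed = sorted(((rng.random() ** (1.0 / w), fp)
                        for fp, w in guards if w > 0), reverse=True)
        return [fp for _, fp in keyed[:count]]
    rng.shuffle(guards)  # the unweighted "scramble the list" step
    return [fp for fp, _ in guards[:count]]


if __name__ == "__main__":
    for fp in select_guards("correct horse battery staple", SAMPLE_RELAYS):
        print(fp)
```

The result is reproducible only while the set of Guard-flagged relays is unchanged: a relay joining or leaving the consensus alters the shuffled list, so the same passphrase can map to different guards after a consensus update.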
