> On 3 Jun 2015, at 02:07 , teor <[email protected]> wrote: > > >> Date: Mon, 18 May 2015 15:48:50 -0800 >> From: OnioNS Dev <[email protected]> >> >> ... >> >> I introduce several data structures, but the most important one is the >> Pagechain, a distributed structure of linked Pages. Pages contain Records, >> Records contain .tor -> onion associations. Anyone who is familiar with >> blockchains will recognize the behavior and application of this structure >> immediately. However, here the head of the Pagechain is not managed by >> miners, but rather by a short-lived subset of Tor nodes called a Quorum. >> They receive Records and merge them into the Pagechain. At the moment I've >> decided to use 127 Quorum members and rotate them every week. They are >> randomly selected, but the process is deterministic; I am using the >> cached-certs + cached-microdesc-consensus documents, which everyone has, to >> seed a PRNG that then derives the Quorum. > > What's to stop a sybil attack where the malicious relays try to occupy likely > site(s) for the next Quorum? > > Is the consensus unpredictable enough to thwart this attack? > Even during quiet times? (Does Tor have quiet times?) > > Can we ensure the Quorum servers have to be long-lived and high-capacity (for > example, guards) to make it harder to spin up servers and immediately be > added to the Quorum? > I'm not convinced the Stable flag is hard enough to get. > > Of course, there's a trade-off where making the set of Quorum Candidates too > small makes the Quorum easier to predict, too.
Some day, I will learn to read the whole paper before opening my mouth. I apologise - I withdraw my questions in the face of thousands of bits of entropy per hour, and a comprehensive security analysis. > By the way, in your ACM paper 5.4.2 you switch from Charlie to Alice, but I > think they're meant to be the same Quorum Candidate. In an earlier section, "Alice" is a Tor client. This makes this section make sense. teor teor2345 at gmail dot com pgp 0xABFED1AC https://gist.github.com/teor2345/d033b8ce0a99adbc89c5 teor at blah dot im OTR D5BE4EC2 255D7585 F3874930 DB130265 7C9EBBC7
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ tor-dev mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
