Re: [tor-dev] Defending against guard discovery attacks by pinning middle nodes

2014-11-10 Thread A. Johnson
>> And yes again. In this model, an ultra-mega-secret HS should use a >> long chain of guards. Of course, at some point, it is easier to do a >> congestion attack to identify the first guard being used by the HS. >> That is still a win, though, in that such an attack takes more >> technical skill

Re: [tor-dev] Defending against guard discovery attacks by pinning middle nodes

2014-11-10 Thread Mike Perry
A. Johnson: > > It seems to me that we want to defend against (at least) two > > different attacks here: > > > > Sybil attack: > ... > > Coercion attack: > > Yes, I also am currently thinking about the problem in this way. > > > Unfortunately, it doesn't really make sense to add two '5 day > >

Re: [tor-dev] Pluggable-transport implementations of your website fingerprinting defenses

2014-11-10 Thread David Fifield
On Sun, Nov 09, 2014 at 08:23:33PM -0500, Xiang Cai wrote: > I started to work on csbuflo code a long time ago, and I wasn’t using any > version control software back then, so I don’t have file commit history > either… > Sorry about that. > > However, I only modified several core files based on o

Re: [tor-dev] Hidden Service authorization UI

2014-11-10 Thread Nathan Freitas
On Sun, Nov 9, 2014, at 07:50 AM, George Kadianakis wrote: > Hidden Service authorization is a pretty obscure feature of HSes, that > can be quite useful for small-to-medium HSes. ... > For example, it would be interesting if TBB would allow people to > input a password/pubkey upon visiting a prot

Re: [tor-dev] HSDir Auth and onion descriptor scraping - actual stats

2014-11-10 Thread Gareth Owen
OK. Curiosity got the better of me. I took a random sample of 20,368 HS descriptors and just 131 were authenticated - that's about 0.6%. The code I used is here: https://github.com/drgowen/tor-research-framework/blob/master/src/main/java/tor/examples/HSIsAuthed.java Best Gareth PS - I only took

Re: [tor-dev] HSDir Auth and onion descriptor scraping

2014-11-10 Thread George Kadianakis
Gareth Owen writes: > Grarpamp > > I'm only not publishing it because of privacy concerns - ultimately some HS > operators might not wish to have their existence publicly known.. I > would be open to supplying it to bona fide and verifiable tor project > members if it is for a legitimate resea

Re: [tor-dev] Hidden Service authorization UI

2014-11-10 Thread Gareth Owen
It is verifiable. In authenticated hidden services, the introduction points are first encrypted and then base64 encoded. So a simple test is: When base64 decoded, is the MSB bit set on any bytes? If yes, then it's probably authenticated, otherwise not. Note, you can use the Tor research framew

Re: [tor-dev] HSDir Auth and onion descriptor scraping

2014-11-10 Thread Gareth Owen
Grarpamp I'm only not publishing it because of privacy concerns - ultimately some HS operators might not wish to have their existence publicly known.. I would be open to supplying it to bona fide and verifiable tor project members if it is for a legitimate research purpose. I am collecting ver