On Tue, Oct 22, 2024 at 3:47 AM stifle_savage042--- via tor-dev <tor-dev@lists.torproject.org> wrote: > > Hi all, > > I want to promote some recent work of mine in the hope that someone here will > find it interesting or useful. In my most concise language, it is a > "decentralized, asynchronous entropy generator protocol." I've made a > somewhat complete demo implementation so far. Here's the repository: > https://github.com/devnetsec/rand-num-consensus. The integrity of the entropy > can only be compromised if all nodes in the ring are malicious and > coinciding. Currently, a Tor client cannot anonymously connect to an onion > service by directly contacting the rendezvous point, because that relay could > have been chosen maliciously by the onion server. I wager that a scheme like > this could enable onion servers and clients to share the same circuit. Both > parties would have a guarantee that their relays were chosen randomly. > > The most similar solution I could find to this was in the TorCoin paper, but > it appears to require a more complicated zero-knowledge proof. If there is > serious interest in this, I'd be willing to write a proposal draft. Besides > implementation difficulty, is there any outstanding flaw in this idea?
Uh, yes. Depending on how we class implementation difficulty. - A node can go offline before revealing to influence the random choice. This is very hard to deal with in general. - Encryption isn't a commitment, particularly not with AES-GCM Sincerely, Watson Ladd > > > Best Regards, > > Dylan Downey [devnetsec] > _______________________________________________ > tor-dev mailing list > tor-dev@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev -- Astra mortemque praestare gradatim _______________________________________________ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
