Dave,
After corresponding with Neel and reviewing I2P's obfuscating techniques, in
more detail, it does appear that I2P is blockchaining the fingerprint-to-host
database to all garlic routers. What is not clear is whether said database is
encrypted and secured from operators and only accessable by the garlic routers
themselves?
My thoughts are... What if the Tor Network distributed encrypted
fingerprint-to-host databases to browsers/bridges/relays during the bootstrap
process, with Directory Authorities, that operators did not have access? Such a
process could be further segmented, so only a fraction of the
browser/bridge/relay population would have a portion of the fingerprint-to-host
database at any given time.
While you are correct in surmising that such obfuscation techniques still
wouldn't prevent organizations, with adequate resources, from eventually
discovering browser/bridge/relay addresses, over the wire, it might slow their
blacklisting/censorship efforts and provide browsers/bridges/relays with a
longer shelf-life.
These thoughts are predicated on the Tor Network satisfying questions of
security vs usability and opportunity vs cost.
I hope this sheds some light on my previous comment.
Respectfully,
Gary
"It seems to be an inherent obstacle in design attempting to anonymize a
sub-network within an established known super-network." –Gary C. New
On Monday, December 27, 2021, 7:03:34 AM MST, Dave Warren <d...@thedave.ca>
wrote:
On 2021-12-22 23:42, Gary C. New via tor-relays wrote:
> I know it might be a fundamental change to the Tor network, but would it
> be possible to obfuscate the Tor bridge/relay addresses with their
> respective fingerprints; similar, to the I2P network? I've often thought
> that this aspect of the I2P network is one that is implemented well.
> Perhaps Directory Authorities could preform fingerprint to address
> resolution? I think it would be extremely beneficial if neither bridge
> or relay addresses were published in the wild. It would make great
> strides in further buffering the Tor network from various
> black-listing/censorship techniques.
I guess I'm not sure how this would work, for me as a user, when I
launch tor browser? How do I obtain a bridge or an initial relay?
And as a trivially simple example, what stops an organization with
government level resources from offering $10-$100 (in appropriate
currency) to any citizen that adds a newly discovered bridge to their list?
_______________________________________________
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
