Opened 4 years ago

Closed 4 years ago

#15963 closed enhancement (implemented)

Don't vote HSDir if we aren't voting Fast

Reported by: arma Owned by: dgoulet
Priority: Medium Milestone: Tor: 0.2.7.x-final
Component: Core Tor/Tor Version:
Severity: Keywords: 026-backport
Cc: Actual Points:
Parent ID: #16538 Points:
Reviewer: Sponsor: SponsorR

Description

Right now when you spin up a new relay, it gets the HSDir flag before it gets measured. So for the sybil attackers that are aiming to mess with hidden service descriptors in some way, we have to notice them faster than we have to notice other sybils. This is no fun, and easy to fix with very few downsides.

Child Tickets

Change History (12)

comment:1 Changed 4 years ago by arma

(Excitingly, I don't think I'll get my desired behavior here until #12877 is resolved too.)

comment:2 Changed 4 years ago by teor

Requiring Fast will make HSDir performance more reliable, and raise the bar for the amount of bandwidth sybils will need to dedicate to each instance to get HSDir. This will be at the cost of fewer relays with HSDir, which may even be a good thing.

comment:3 Changed 4 years ago by yawning

Keywords: 026-backport added
Parent ID: #8243

comment:4 Changed 4 years ago by dgoulet

Parent ID: #8243

I've removed the Parent ID so we can close the ticket because it has been merged.

This is still linked to #8243 in a way that it's an ongoing effort on making relay with HSDir flag be reliable.

comment:5 Changed 4 years ago by arma

Parent ID: #16538

comment:6 Changed 4 years ago by dgoulet

Keywords: TorCore201508 added
Owner: set to dgoulet
Status: newaccepted

comment:7 Changed 4 years ago by nickm

Keywords: PostFreeze027 added

I'd merge patches for these for 0.2.7 if they come in on time. In some cases, that will require figuring out an as-yet-unsolved bugs.

comment:8 Changed 4 years ago by dgoulet

Status: acceptedneeds_review

See branch: bug15963_026_01. This applies on 0.2.6 for backport and 0.2.7.

Here are some extra considerations. We currently have 2745 HSDirs and with this extra requirement, we'll be going down to 2342 HSDirs. Not too drastic.

comment:9 Changed 4 years ago by nickm

Milestone: Tor: 0.2.7.x-finalTor: 0.2.6.x-final

Merged to master; marking for possible backport.

comment:10 Changed 4 years ago by dgoulet

Keywords: tor-auth TorCore201508 PostFreeze027 removed
Status: needs_reviewaccepted

comment:11 Changed 4 years ago by nickm

Keywords: SponsorR removed
Sponsor: SponsorR

Bulk-replace SponsorR keyword with SponsorR sponsor field in Tor component.

comment:12 Changed 4 years ago by nickm

Milestone: Tor: 0.2.6.x-finalTor: 0.2.7.x-final
Resolution: implemented
Status: acceptedclosed

It's a feature! Not backporting.

Note: See TracTickets for help on using tickets.