Opened 7 years ago

Last modified 18 months ago

#4359 new enhancement

Minimize time between new relay appearing and having some bw vote for it

Reported by: arma Owned by: mikeperry
Priority: Medium Milestone:
Component: Core Tor/Torflow Version:
Severity: Normal Keywords:
Cc: Actual Points:
Parent ID: #13630 Points:
Reviewer: Sponsor:

Description

In #2286 I point out a huge security problem in Tor, which is that new relays can lie about their bandwidth and get away with it.

One of the components of my suggested fix is to minimize the period of time between when a new relay appears in the network, and when we have an opinion about its bandwidth.

So it would be great for the bwauths to recognize new relays and schedule them for high-priority tests.

Or is that already done? What's the expected turnaround time?

This ticket is perhaps related to #2550.

Child Tickets

Change History (5)

comment:1 Changed 7 years ago by mikeperry

There already is logic to measure least-measured nodes first in a given slice, but if the relays show up in a ratio percentile slice that is not actively being scanned, they will wait until that slice starts being scanned.

One hack to accomplish this is to devote a single dedicated scanner that only scans the slice of nodes with descriptor bandwidth equal to consensus bandwidth.

However, since the slices are created based on percentiles, it will be hard to predict which ratios are scanned first.

My opinion is that the bandwidth auths are not the place to add excessive complexity for measurement security, because they aren't really about providing secure measurements. I think A+A' of #2286 are the right way to solve the security issue in the short term.

comment:2 Changed 7 years ago by mikeperry

As a stop-gap, it is easy to have the bw auths emit a NOTICE or WARN if they have not measured at least X% of the previous consensus bandwidth.

I have added a NOTICE to aggregate.py if the 5% of the consensus bandwidth is unmeasured, and a WARN if 25% of it is unmeasured.

comment:3 Changed 6 years ago by nickm

Parent ID: #2286

Removing parent because we're about to close 2286.

comment:4 Changed 18 months ago by teor

Parent ID: #13630
Severity: Normal

This is a feature that belongs in the new bwauth replacement project, see #13630.

comment:5 Changed 18 months ago by teor

Priorities and Severities in torflow are meaningless, setting them all to Medium/Normal.

Note: See TracTickets for help on using tickets.