Hello Nick, isis and Mike!
It seems like some Thoughtworks folks (from here on referred to as FRITO [0]) are interested in helping us with Tor hidden services development for 4 weeks or so. They start early next week! :)
They were looking for a coding project that is tractable within a month given a team of four people. Also, it should be fun, interesting and be related to hidden services.
One of the projects we discussed and found potentially fitting was proposal 259: https://gitweb.torproject.org/torspec.git/tree/proposals/259-guard-selection...
It is my undertanding that the next steps here involve implementing the various proposed algorithms and evaluating how they cope in some simulated scenarios. Nick and Isis started working on this in Python here: https://github.com/isislovecruft/guardsim You can find the scenarios that need to be tested here: https://github.com/isislovecruft/guardsim/blob/master/doc/stuff-to-test.txt
This project seems quite suitable for the FRITO crew :)
The idea here is that after we decide which one is the best algorithm to use, we would implement it for little-t-tor in C. The best algorithm is the one that achieves the greatest reachability and security tradeoff. The algorithm should also be designed in such a way that fits into the tor asynchronous networking API. It would be amazing if FRITO could help us here as well, but maybe we can start up with the Python simulation and see if they like the project!
Isis and Nick, are you currently working on the guardsim code? Would you be OK if it was taken over by FRITO? Any advice for them?
Also, is there a ticket we should be using for this project? If not, I will make one ASAP.
Cheers!
[0]: FRITO is derived from their names: Fan, Reinaldo, Ivan, Tania and Ola. They are all CCed.
PS: We recently did a reading group about prop259 and a few other proposals that you might find interesting. The minutes can be found here: https://lists.torproject.org/pipermail/tor-dev/2016-January/010265.html and the raw logs here: http://meetbot.debian.net/tor-dev/2016/tor-dev.2016-01-19-16.03.log.html
George Kadianakis transcribed 2.1K bytes:
Hello Nick, isis and Mike!
It seems like some Thoughtworks folks (from here on referred to as FRITO [0]) are interested in helping us with Tor hidden services development for 4 weeks or so. They start early next week! :)
Hello Fan, Reinaldo, Ivan, Tania, and Ola,
Thanks for offering to help us!
They were looking for a coding project that is tractable within a month given a team of four people. Also, it should be fun, interesting and be related to hidden services.
One of the projects we discussed and found potentially fitting was proposal 259: https://gitweb.torproject.org/torspec.git/tree/proposals/259-guard-selection...
Proposal #259 isn't specifically related to HSes, but is about guard selection in general. At the time I wrote it, I was only designing the algorithms to be used for "first-layer" guard selection, that is, the guard(s) to which a client-like thing directly connects. Currently, the idea for HSes is to have multiple (variously sized) layers of guards rotating at various (differing) timings. See proposal #247: https://gitweb.torproject.org/torspec.git/tree/proposals/247-hs-guard-discov...
However, some subset of the prop#259 algorithm could easily be separated out to function for choosing Nth-layer guards as well. This is probably trivial to do, but I honestly haven't given it any thought yet.
It is my undertanding that the next steps here involve implementing the various proposed algorithms and evaluating how they cope in some simulated scenarios. Nick and Isis started working on this in Python here: https://github.com/isislovecruft/guardsim You can find the scenarios that need to be tested here: https://github.com/isislovecruft/guardsim/blob/master/doc/stuff-to-test.txt
This project is mostly done, although it could still use an extra (few) set(s) of eyes looking at it and trying to figure out how to optimise the algorithm further. I've updated doc/stuff-to-test.txt with how to run the various simulated attack scenarios, and marked other things with TODOs.
Isis and Nick, are you currently working on the guardsim code? Would you be OK if it was taken over by FRITO? Any advice for them?
I have plenty of other work to do, and would absolutely welcome help on this, if doing so interests FRITO.
Also, is there a ticket we should be using for this project? If not, I will make one ASAP.
https://bugs.torproject.org/17262
-
George Kadianakis -
isis