Over the past few years, Tor developers have read days of network logs trying to understand and fix the DoS threat. Because of our protocol's inherent asymmetric nature, there is no easy fix, and a more fundamental approach is needed to address it. (2/8)
The idea is that clients need to include more information in their connection requests, so the onion service can prioritize which requests it responds to. (3/8)
Approach 1: Enter anonymous tokens. Imagine them as anonymous and unlinkable tickets that give you access to an onion service. These tokens were originally proposed for e-cash, but they've since been used in blockchains and in various types of private authentication schemes. (4/8)
If we can ensure that attackers cannot get enough tokens to sustain a DoS attack, we can ensure free access to the service. Such tokens can be given to users by the onion service itself, or we can devise a variety of third-party services who provide such tokens to users. (5/8)
While Proof-Of-Work has been traditionally used to power blockchains, it was originally suggested for DoS protection. Tor devs have been exploring the space and we believe that such a system could work wonders against the DoS attacks the network is currently experiencing. (7/8)
@torproject what would be different in the POW system to prevent ASIC exploitation and subsequent complexity explosion like bitcoin had?
I created PacketCrypt, a PoW which incentivizes the expenditure of bandwidth (ask me why that's good). With what I know I would say is in Tor's situation, "mine 1 coin to enter" probably not a working solution (attackers will just mine).
Captchas are better, can be provided by the hidden service, just need to make sure it's cheap to verify...
Server run by the main developers of the project It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!