Message-ID: <54D54AEB.2000805@hireahit.com>
Date: Fri, 06 Feb 2015 15:14:51 -0800
From: Dave Warren <davew@hireahit.com>
To: tor-talk@lists.torproject.org
References: <54D4FA72.2010402@riseup.net> <54D5432A.4080005@whonix.org>
In-Reply-To: <54D5432A.4080005@whonix.org>
Subject: Re: [tor-talk] Using Tor Hidden Services as Time Source

On 2015-02-06 14:41, Patrick Schleizer wrote:
> Hello, I am a developer of an anonymity-centric distribution. Called
> Whonix, it's similar to TAILS but optimized for virtual machines.
>
> We need to use a source to calibrate our system clock. For obvious and
> non-obvious reasons, that source can't be NTP. The way we do it at the
> moment is to fetch HTTP headers over SSL from trusted servers and use
> the timestamp data.
>
> We want to get rid of SSL and make use of the strong security properties
> of Tor's end-to-end encryption for Hidden Services in order to safeguard
> against clearnet SSL MITM attacks, which are within reach of powerful
> adversaries.
>
> Our plan is to contact hidden service operators, adding multiple
> trustworthy hidden services to the list for both redundancy and load
> distribution. Our estimated user base is 5000. The requests will only
> involve fetching an HTTP header from the server, similar to `curl --head
> atlas777hhh7mcs7.onion`.
>
> Before simply implementing this feature and hoping Tor handles the load
> without issue, we'd like expert (deep knowledge of Tor internals,
> network size, paths, etc) and (hopefully) official responses to our idea.
>

I assume you're okay with very low accuracy here; clock drift of over a 
second will be quite common when using HTTP over Tor. This probably 
isn't a big deal for desktop users, but part of why NTP is generally 
used is because it can allow for accurate time delivery even over 
networks with higher latency, and somewhat inconsistent latency.

-- 
Dave Warren
http://www.hireahit.com/
http://ca.linkedin.com/in/davejwarren
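
An added illustration of the accuracy question discussed in this thread, not code from either message or from Whonix: it bounds the clock offset that one HTTP Date header can give, using the request round trip and the header's one-second resolution, then combines several sources with a median and flags any source whose own bound excludes the result. The source labels, timings and the 30-second local clock error are constructed sample data.

```python
from email.utils import parsedate_to_datetime
from statistics import median

def offset_interval(t_send, t_recv, date_header):
    """Bounds (low, high) on server_clock - local_clock, in seconds.

    t_send / t_recv are local-clock readings around the request. The server
    wrote the header at some instant in between, and HTTP dates are truncated
    to whole seconds, so its true time was in [stamp, stamp + 1).
    """
    stamp = parsedate_to_datetime(date_header).timestamp()
    return stamp - t_recv, stamp + 1.0 - t_send

def estimate(samples):
    """samples: (label, t_send, t_recv, date_header). Returns (offset, rows, suspects)."""
    rows = []
    for label, t_send, t_recv, header in samples:
        low, high = offset_interval(t_send, t_recv, header)
        rows.append((label, (low + high) / 2, (high - low) / 2))
    best = median(mid for _, mid, _ in rows)
    # A source is suspect when the combined estimate falls outside its own bound.
    suspects = [label for label, mid, half in rows if abs(mid - best) > half]
    return best, rows, suspects

# Constructed samples: local clock runs 30 s slow; round trips of 1.5 to 3.8 s.
# source-d is a constructed source whose own clock is about two minutes fast.
SAMPLES = [
    ("source-a (constructed)", 1423264470.20, 1423264472.40, "Fri, 06 Feb 2015 23:15:01 GMT"),
    ("source-b (constructed)", 1423264475.00, 1423264476.50, "Fri, 06 Feb 2015 23:15:05 GMT"),
    ("source-c (constructed)", 1423264480.00, 1423264483.80, "Fri, 06 Feb 2015 23:15:12 GMT"),
    ("source-d (constructed)", 1423264485.00, 1423264487.00, "Fri, 06 Feb 2015 23:17:16 GMT"),
]

if __name__ == "__main__":
    best, rows, suspects = estimate(SAMPLES)
    for label, mid, half in rows:
        print(f"{label}: offset {mid:+.2f} s, uncertainty +/-{half:.2f} s")
    print(f"median offset {best:+.2f} s, suspect sources: {suspects}")
```

The half-width of each bound is (round trip + 1 s) / 2, so in these samples no single source pins the offset down to better than about 1.25 s.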



