How Tor stopped DDoS and how cf could too
https://blog.torproject.org/introducing-proof-of-work-defense-for-onion-services/
If a lot of requests are made, Tor issues a PoW challenge; the PoW adapts to the number of requests being made. The source code is already public and has been audited. Please, cf, implement this. You would solve DDoS once and for all.
Introducing Proof-of-Work Defense for Onion Services | Tor Project
Today, we are officially introducing a proof-of-work (PoW) defense for onion services designed to prioritize verified network traffic as a deterrent against denial of service (DoS) attacks with the release of Tor 0.4.8.
If attackers attempt to flood an onion service with requests, the PoW defense will kick into action and increase the computational effort required to access a .onion site. This ticketing system aims to disadvantage attackers who make a huge number of connection attempts to an onion service. Sustaining these kinds of attacks will require a lot of computational effort on their part with diminishing returns, as the effort increases.
Tor's PoW defense is a dynamic and reactive mechanism, remaining dormant under normal use conditions to ensure a seamless user experience, but when an onion service is under stress, the mechanism will prompt incoming client connections to perform a number of successively more complex operations. The onion service will then prioritize these connections based on the effort level demonstrated by the client. We believe that the introduction of a proof-of-work mechanism will disincentivize attackers by making large-scale attacks costly and impractical while giving priority to legitimate traffic.
And how could it be bypassed? This was proposed years ago, and no one has been able to find a bypass in that time.
The same way as UAM, but less intrusive, faster and automatic
The only thing it wouldn't fix is APIs without previous browser access on that domain, but that is not very common.
But it is not the same comparing traffic and individual websites
Most api websites are big
Cloudflare can protect them in other ways; the Tor solution is not perfect, but it works for most websites.
I'm confused about how this helps Cloudflare. This is something specific to Tor and the onion network.
It could be applied to cf too.
Like with their onion routing?
No, the PoW model
Yes, but not progressively
If a challenge takes half a second, the amount of power needed to attack a website becomes almost impossible for 99% of threat actors.
The cost added is astronomical: with the same hardware you could do 100000 RPS, you can only do 100 with that kind of PoW.
Well, it works based on numbers: you set a number that your backend can handle; if the attack is bigger than the number then there is a PoW; if the attack is still bigger, there is a bigger PoW, and so on.
The PoW is the minimum needed for the attack to stop, and if the attacker has bigger hardware, the PoW becomes bigger.
But that would require cf automatically challenging the bad requests.
The problem is that requests are challenged individually, so they are treated the same way when there is an attack as when there isn't.
I have received a lot of attacks; cf doesn't challenge all the requests when there is an attack.
I think the most important thing from the Tor implementation is automatically activating it
Cf UAM is great, but it would be 100 times better if it activated automatically when there is an attack
That's the problem
Well, would it really be difficult to have a config option where you can set an amount of requests that if surpassed activates cf UAM?
Indeed, cf already does that; cf sends notifications when there is an attack.
Would it be hard to have an option where when this happens, UAM is activated?
I don't think it would be too hard, and it would be a life saver for a lot of people. Every time I see a site that has UAM activated at all times, it makes me think about all the time, bandwidth and electricity wasted by doing challenges when the site is not under attack. Please consider this.
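The adaptive scheme sketched in this thread (a capacity number the backend can handle, a PoW whose difficulty rises while observed load exceeds that number and relaxes once it drops, and prioritising connections by demonstrated effort), written out as an added worked example. This is not code from the thread, from Tor or from Cloudflare: it assumes a SHA-256 partial-preimage puzzle in place of Tor's Equi-X puzzle, and the names `AdaptiveDifficulty`, `solve`, `verify`, `prioritize` and `simulate` and the load profile in `simulate` are constructed for this example.

```python
"""Adaptive proof-of-work admission control: a simplified model of the scheme
discussed in this thread (added example, not Tor's or Cloudflare's code).
The puzzle is a SHA-256 partial-preimage search standing in for Tor's Equi-X;
the control loop and effort-based prioritisation are the point."""
import hashlib
import math
import secrets


def leading_zero_bits(digest: bytes) -> int:
    """Count leading zero bits of a digest: the effort a solution demonstrates."""
    bits = 0
    for byte in digest:
        if byte == 0:
            bits += 8
            continue
        bits += 8 - byte.bit_length()
        break
    return bits


def puzzle_hash(seed: bytes, nonce: int) -> bytes:
    """Bind a nonce to the server-chosen seed for the current window."""
    return hashlib.sha256(seed + nonce.to_bytes(8, "big")).digest()


def solve(seed: bytes, difficulty_bits: int, max_iterations: int = 1 << 26):
    """Client side: search for a nonce with at least difficulty_bits leading
    zeros. Expected cost is 2**difficulty_bits hashes, so every extra bit the
    server demands doubles the client's work; returns None if the budget runs out."""
    for nonce in range(max_iterations):
        if leading_zero_bits(puzzle_hash(seed, nonce)) >= difficulty_bits:
            return nonce
    return None


def verify(seed: bytes, nonce: int, difficulty_bits: int) -> bool:
    """Server side: a single hash, however hard the puzzle was to solve."""
    return leading_zero_bits(puzzle_hash(seed, nonce)) >= difficulty_bits


class AdaptiveDifficulty:
    """Raise the required effort while observed load exceeds what the backend
    can serve, lower it again once load drops, and stay at zero (no challenge
    at all) under normal conditions."""

    def __init__(self, capacity_rps: int, max_bits: int = 24):
        self.capacity_rps = capacity_rps   # the number the backend can handle
        self.max_bits = max_bits           # cap so legitimate clients can still solve
        self.bits = 0                      # dormant until a flood is observed
        self.seed = secrets.token_bytes(16)

    def end_of_window(self, observed_rps: int) -> int:
        """Update difficulty from the load seen in the last window and rotate
        the seed so solutions cannot be precomputed or replayed across windows."""
        if observed_rps > self.capacity_rps:
            # each doubling of load over capacity adds one bit, i.e. doubles the work
            extra = math.ceil(math.log2(observed_rps / self.capacity_rps))
            self.bits = min(self.max_bits, self.bits + extra)
        elif observed_rps <= self.capacity_rps // 2 and self.bits > 0:
            self.bits -= 1
        self.seed = secrets.token_bytes(16)
        return self.bits


def prioritize(submissions, seed: bytes, required_bits: int, capacity: int):
    """Drop submissions below the current requirement, serve the highest
    effort first, and cut the queue at backend capacity.
    submissions is a list of (client_id, nonce) pairs."""
    valid = []
    for client_id, nonce in submissions:
        effort = leading_zero_bits(puzzle_hash(seed, nonce))
        if effort >= required_bits:
            valid.append((effort, client_id))
    valid.sort(key=lambda pair: pair[0], reverse=True)  # stable: ties keep arrival order
    return [client_id for _, client_id in valid[:capacity]]


def simulate(capacity_rps: int, windows):
    """Run the controller over a constructed sequence of per-window request
    rates and return the difficulty it demanded after each window."""
    controller = AdaptiveDifficulty(capacity_rps)
    return [controller.end_of_window(rps) for rps in windows]


if __name__ == "__main__":
    # constructed load profile: quiet, a flood that grows, then it subsides
    print("difficulty per window:", simulate(100, [50, 400, 800, 300, 40, 40]))
    seed = secrets.token_bytes(16)
    nonce = solve(seed, 16)
    print("16-bit solution:", nonce, "verifies:", verify(seed, nonce, 16))
```

Two design points matter for a real deployment. Verification costs one hash regardless of difficulty, so the asymmetry the thread relies on holds: the server's cost per request stays flat while the client's doubles with each bit. And a plain hash puzzle is easy to accelerate on GPUs, which is one reason Tor uses a different puzzle (Equi-X); the control loop and the effort-based queue are the same idea either way. A production server would also keep the previous window's seed valid for a short grace period so clients who received a challenge just before rotation are not rejected.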