Project

General

Profile

Feature #8283

Research more secure htpdate time pool design

Added by adrelanos almost 5 years ago. Updated over 3 years ago.

Status:
Confirmed
Priority:
Low
Assignee:
-
Category:
Time synchronization
Target version:
-
Start date:
11/21/2014
Due date:
% Done:

0%

Feature Branch:
Type of work:
Research
Blueprint:
Starter:
Affected tool:

Description

intrigeri wrote:

I can't think of another area in which asking a hostile for advice is a
good idea. Maybe "if friend and foe both agree, you can be confident
that they're right; if they disagree, look further" - but that's not
what Tails htpdate is doing.

Indeed, it should probably discard information that is diverging too
much from what others tell us. Care to file a "research" ticket
about it?

mailing list thread:
Tails htpdate - why use time information from neutral and foe pools?

Please research if it was more secure if you had pal_pool_1, pal_pool_2, pal_pool_3 rather than neutral and foe pools.

History

#1 Updated by intrigeri almost 5 years ago

  • Subject changed from research more secure htpdate time pool design to Research more secure htpdate time pool design
  • Status changed from New to Confirmed
  • Priority changed from Normal to Low

I doubt anyone on our team will be working on this anytime soon => anyone interested, please do take it.

#2 Updated by intrigeri almost 5 years ago

  • Category set to Time synchronization

#3 Updated by adrelanos almost 4 years ago

I don't think any more research is required. Because we at Whonix discussed and throughly thought this through:
https://github.com/Whonix/Whonix/issues/310
There imho is no logical defensible argument in favor of asking foe's for something. I could perhaps rehash that discussion and make an argument in favor of my view if that is required.

#4 Updated by intrigeri over 3 years ago

Is the reasoning behind Whonix design decision on this topic summed up anywhere?

Also available in: Atom PDF