GitLab

EigenSpeed could provide a lot of security improvements to the Tor network in the face of all sorts of amplification attacks. It just sort of sucks because the passive version could not measure fast relays, and so we've never used it.

However, an active version based on CapProbe, PacketPair, etc could possibly measure capacity in as little as a handful of UDP packets, enabling distributed active lightweight measurements. We could also blend in circuit failure rate information.

As an alternative, we could also try using the passive EigenSpeed for slow relays and the bw authorities only for the faster ones...

The big problem is that this is basically a research effort. We're going to need to try at least a couple different versions of these designs and compare them to each other, and then compare them to the current bandwidth authorities, to make sure everything is as performant and abuse tolerant as possible.