[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #29174 [Core Tor/Tor]: Guard Node can eclipse the hidden service



#29174: Guard Node can eclipse the hidden service
-----------------------------------+------------------------------------
 Reporter:  TBD.Chen               |          Owner:  (none)
     Type:  defect                 |         Status:  new
 Priority:  Very High              |      Milestone:
Component:  Core Tor/Tor           |        Version:  Tor: 0.3.0.1-alpha
 Severity:  Critical               |     Resolution:
 Keywords:  guard, hidden service  |  Actual Points:
Parent ID:                         |         Points:
 Reviewer:                         |        Sponsor:
-----------------------------------+------------------------------------

Comment (by TBD.Chen):

 Hi, I have deeply investigate the Proposal 291(291-two-guard-nodes),
 292(292-mesh-vanguards), however, this problem is not mentioned by them.

 So, can I get a TROVE-id or CVE-id for this bug track? Which can eclipse
 hidden services stealthily :)



 Replying to [comment:3 mikeperry]:
 > Interesting. This is another argument for Proposal 291 in my mind. A
 single guard has too much power to induce DoS and other downtime signals
 like this. The vanguards addon should similarly mitigate this attack, as
 it uses 2 guards by default. The malicious guard would just cause
 introduce1 timeouts on clients, but not be able to mount a full "eclipse"
 DoS attack.
 >
 > As for path bias -- it was designed to detect circuit failures caused by
 the guard. This case is different because the circuit can become live and
 successfully used for one or more initial introduce1 cells, and thus path
 bias system will deem it successfully used. After that point, there is no
 way for a client to determine if the circuit has just gone quiet because
 no one is using the HS vs the guard simply not sending any more introduce1
 cells on the circuit.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29174#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs