[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #33129 [Core Tor]: Tor node that is not part of the consensus should not be used as rendezvous point with the onion service



#33129: Tor node that is not part of the consensus should not be used as rendezvous
point with the onion service
----------------------------+--------------------------
 Reporter:  cypherpunks     |          Owner:  (none)
     Type:  defect          |         Status:  new
 Priority:  Very High       |      Component:  Core Tor
  Version:                  |       Severity:  Critical
 Keywords:  onion services  |  Actual Points:
Parent ID:                  |         Points:
 Reviewer:                  |        Sponsor:
----------------------------+--------------------------
 According to this article attacker is able to to chose a server that is
 running Tor but is not part of the Tor network as an rendezvous point with
 the onion service so that he can discover in to which family onion
 service`s guard node belongs and than use that information to ddos Tor
 nodes in that family so that onion service drops that guard node and
 instead chose his Tor node as a guard node.

 https://www.hackerfactor.com/blog/index.php?/archives/868-Deanonymizing-
 Tor-Circuits.html

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33129>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs