
Re: [tor-dev] CVE-2020-8516 Hidden Service deanonymization



On Tue, Feb 04, 2020 at 04:15:23PM -0500, David Goulet wrote:
> On 04 Feb (19:03:38), juanjo wrote:
> 
[snip]
> 
> And the reason for private nodes is probably because this way you eliminate
> noise from other tor traffic so _anything_ connecting back to your ORPort is
> related to the onion service connections you've done. You don't need to filter
> out the circuits with some custom code (which is very easy to do anyway).
> 
> That is unfortunately a problem that onion services have. These types of guard
> discovery attacks exist and they are the primary reason why we came up with
> Vanguards a couple of years ago:
> 
> https://blog.torproject.org/announcing-vanguards-add-onion-services
> 

Indeed. Just to underscore the point: we demonstrated those attacks
in the wild and proposed versions of vanguards in the same work where
we introduced guards in the first place, published way back in 2006.

> But one thing for sure, simply forcing rendezvous points to be part of the
> consensus will _not_ fix this problem as it is fairly easy to pull this type
> of attack by simply using a normal relay within the consensus.
> 
+1

aloha,
Paul
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev