[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] How dangerous are malicious entry guards?



On Sat, Mar 30, 2019 at 08:20:18PM -0400, hikki@xxxxxxxxxxxxx wrote:
> I???ve got a technical question: How dangerous are malicious entry guards?

It depends what you're worried about, and what you're trying to protect.

> I???ve read undocumented claims about information/security agencies now using AI 
> on super computers to aid with traffic analysis/correlation/confirmation 
> attacks at entry node level

Huh. I don't think they should need supercomputers for such a thing.
It's all about what data you can get. The known math that you do with
the data, once you have it, doesn't (shouldn't) need a supercomputer.

> Does anyone have any technical opinions, explanations or resources regarding 
> this subject?

For the traffic analysis question in general, see papers from the PETS
conference and other anonymity literature:
https://petsymposium.org/
https://freehaven.net/anonbib/

For entry guards in particular, here are some URLs to start:
https://blog.torproject.org/improving-tors-anonymity-changing-guard-parameters
https://www-users.cs.umn.edu/~hoppernj/single_guard.pdf
https://blog.torproject.org/announcing-vanguards-add-onion-services

In general, don't just think about relay-level adversaries, but also think
about network-level adversaries who can observe (encrypted) Tor traffic.

And lastly, don't fall into traps where you think "omg Tor has this
potential entry guard issue, so I'm going to use this simpler centralized
system instead" -- because then you'll end up with that issue plus more.

--Roger

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk