[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] How dangerous are malicious entry guards?

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] How dangerous are malicious entry guards?
From: Roger Dingledine <arma@xxxxxxxxxxxxxx>
Date: Sat, 30 Mar 2019 20:48:03 -0400
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 30 Mar 2019 20:48:16 -0400
In-reply-to: <N1M-Zoefg0X_c9@Safe-mail.net>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <N1M-Zoefg0X_c9@Safe-mail.net>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mutt/1.10.1 (2018-07-13)

On Sat, Mar 30, 2019 at 08:20:18PM -0400, hikki@xxxxxxxxxxxxx wrote:
> I???ve got a technical question: How dangerous are malicious entry guards?

It depends what you're worried about, and what you're trying to protect.

> I???ve read undocumented claims about information/security agencies now using AI 
> on super computers to aid with traffic analysis/correlation/confirmation 
> attacks at entry node level

Huh. I don't think they should need supercomputers for such a thing.
It's all about what data you can get. The known math that you do with
the data, once you have it, doesn't (shouldn't) need a supercomputer.

> Does anyone have any technical opinions, explanations or resources regarding 
> this subject?

For the traffic analysis question in general, see papers from the PETS
conference and other anonymity literature:
https://petsymposium.org/
https://freehaven.net/anonbib/

For entry guards in particular, here are some URLs to start:
https://blog.torproject.org/improving-tors-anonymity-changing-guard-parameters
https://www-users.cs.umn.edu/~hoppernj/single_guard.pdf
https://blog.torproject.org/announcing-vanguards-add-onion-services

In general, don't just think about relay-level adversaries, but also think
about network-level adversaries who can observe (encrypted) Tor traffic.

And lastly, don't fall into traps where you think "omg Tor has this
potential entry guard issue, so I'm going to use this simpler centralized
system instead" -- because then you'll end up with that issue plus more.

--Roger

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] How dangerous are malicious entry guards?
  - From: hikki

Prev by Author: Re: [tor-talk] Data collection by Tor Browser
Next by Author: Re: [tor-talk] Tor to become illegal in Europe?
Previous by thread: [tor-talk] How dangerous are malicious entry guards?
Next by thread: [tor-talk] Syncing bookmarks
Index(es):
- Author
- Thread