[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: a serious TOR adversary?

To: or-talk@xxxxxxxxxxxxx
Subject: Re: a serious TOR adversary?
From: "F. Fox" <kitsune.or@xxxxxxxxx>
Date: Wed, 21 May 2008 16:54:18 -0700
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Wed, 21 May 2008 19:54:34 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:user-agent:mime-version:to:subject:references:in-reply-to:x-enigmail-version:content-type:content-transfer-encoding; bh=AJaFKj6ycDyTYRq2Lomqsyi9mi1dyhwKhFhZqvADsLc=; b=TvDX34doGHNsIDR6OTFJl/4gRZJ8jYZP66zsULZSt/DwUu5ASMHF7di+DQSc8Sus/0JoS0NTO12sB3M0gUO36gcFnrxP+j8/0QNciP2yXzeCVs0TPHk51iTCcFHcLuzLQNQp/P889pZCpaZFHqW9BVdW2SX9ggSDR7F1xo1wu3Q=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject:references:in-reply-to:x-enigmail-version:content-type:content-transfer-encoding; b=ka13KNOntyRCEeCTm+k4A9dC2ZkMUND4/Kd7X1ZaakDy+kjPTtPN1lg43FyCK7bMyJVkZKW7KMl6AF/3E3WM1lgPdTrDo1DgnnbhWwzlTEO/SibR3diSe/3g0wXkXFS2TT61N3ZKSyy9tLorUNQlm4+3Jv6h6uawCa3X/GjWzz4=
In-reply-to: <4834A68D.8050305@xxxxxxxxxx>
References: <7a013f2b0805190131k3ed4f4aclb155751f739f1138@xxxxxxxxxxxxxx> <48340B65.5000504@xxxxxxxxx> <4834A68D.8050305@xxxxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Mozilla-Thunderbird 2.0.0.12 (X11/20080420)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Eugene Y. Vasserman wrote:
(snip)
> "Furthermore, we show that a well-provisioned adversary, using a
> topological map of the network, can trace-back the path of an anonymous
> user in under 20 minutes."
> 
> Most Tor circuits only live a maximum of 10 minutes, no? I never figured
> out just how much of hard limit this is. Can an application ask to keep
> the circuit longer? Can someone in the know clue me in?
> 
> Eugene
> 

If I remember right, a circuit will accept new streams (usually meaning
new connections to servers) for a maximum of 10 minutes.

However, once a  connection has been established, the circuit it's using
will remain open until:

1.) The application closes the connection (if it reconnects, it'll use a
new circuit);

2.) The circuit "dies," like from a node or a link going down.

- --
F. Fox
AAS, CompTIA A+/Network+/Security+
Owner of Tor node "kitsune"
http://fenrisfox.livejournal.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQIVAwUBSDS2Kuj8TXmm2ggwAQju9BAAv1O/LxqT2YRDm++U/CpQtAtD0Qj5Cij4
zGAr6q3jsqkT6ntj6a970k/aVhcgo2R0+lc7/UPqDGcPQhy4Z1FTUjyDE2cmnQzM
50fMQS5dps+g2kmVMRz6mYufcdlkhcgFfZnceyoNE7WQjvGRTPYYZO6KoVaKRPox
grerSE7huGOpkYcL2aBWl4PP8+4+Eb1dF5Sz+4GfCuJLj+rYNyyNmvKf1mt3jxvE
IWUZ28dJtGrDe0nyTjGBZ/cTkHyrgEZqYe3b5LGBmMr57ONvSi3f40YCJrL/FKj3
P2QHU665uhgN+z5u6ijd9UkohYXxoGnYDrO9Px9I3CXWsgaI9zaJBG4SFMp70e6T
eAPA9Dxkp9IY3U+tbjitaAu84Xg4lFE5/i9H1nxQe4UPSoyRFNxDNfCsYobml6ex
nJ+SurnrKTuqivLRPSG5rdRIrj9ENabXpl+OwoEwm6LA3z23bQf4M+IHgW99BaR0
1Jpnndse+2DtYVMA6jjXnqkLLuZso+Bffp3v8XcVYJq0axN3u2isxgh/UR6sYo8A
hQSdkdA2ioLgvaC+6x5OfSdmmEWq5kl3y9oDRdfljqCESngKZ8S1zYIbebhyZC8q
oti6inatBBx/x8Jxn0hOhWdtWywSRdbdMrpG6IEULT1tmsSP+QlL9P7eNDfKR2yJ
0tmJ2W5wNuM=
=76Q3
-----END PGP SIGNATURE-----

References:
- Tor server for port 443
  - From: Grant Heller
- a serious TOR adversary?
  - From: Bernardo Bacic
- Re: a serious TOR adversary?
  - From: Eugene Y. Vasserman

Prev by Author: Attacking the GPA-simulation scenario, point-by-point [Was: Re: Oh boy...]
Next by Author: Re: GPG Public Keys
Previous by thread: Re: a serious TOR adversary?
Next by thread: Re: a serious TOR adversary?
Index(es):
- Author
- Thread