[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Performance

Thus spake Marco Bonetti (marco.bonetti@xxxxxxxxxxxx):

> Hash: SHA1
> Mike Perry wrote:
> > The Tor settings are by far the more impactful of the two, I've found.
> doesn't changing the CircuitBuildTimeout and the NumEntryGuards give an
> advantage to an attacker which is spying on your connections?
> IIRC it should be mentioned in the design documents: an attacker which
> is reading traffic can isolate clusters of users depending on their tor
> client behavior and then launching other types of attack on them with
> higher percentage of success due to the previous clustering.

Timeout is only observable for cases where circuits fail to complete
within that timeout period, and this information doesn't easily
transfer to circuits that do complete unless you are the guard node.
However, the guard already has much better identifers to work with
(such as IP, TCP fingerprint, and potentially some information on Tor

Now, a middle node could potentially use some statistics about how
quickly a guard is known to extend circuits and try to cluster
circuits by distribution of their timeouts this way, but it only gives
that middle node information for the circuits clients AREN'T using.
Because failed circuits are completely abandoned and not partially
restarted, this information does not readily transfer well for
circuits that succeed unless you are the guard node too (which means
you have two hops in the circuit, and would have much better luck
using that effort to have your two hops be guard and exit).

Mike Perry
Mad Computer Scientist
fscked.org evil labs

Attachment: pgpsmUeWdGFAF.pgp
Description: PGP signature