
Re: [tor-talk] Tor DNS Deanonymization



On Tue, Oct 18, 2016 at 10:39 AM, Philipp Winter <phw@xxxxxxxxx> wrote:
> On Sun, Oct 16, 2016 at 01:15:32AM -0400, Nick Mathewson wrote:
>> On Fri, Oct 14, 2016 at 11:09 AM, Philipp Winter <phw@xxxxxxxxx> wrote:
>>  [...]
>> > There are two ways to mitigate the issue.  First, we need better
>> > defences against website fingerprinting, so an attacker learns less by
>> > observing the connection to your guard relay.  Second, we need to
>> > improve the DNS setup of exit relays.  I would like to see fewer relays
>> > use Google's resolver, and we need to move towards encrypted DNS.
>>
>> Thanks, Philipp!
>>
>> Could you comment at all about whether our current exit-side DNS
>> caching approach makes the attack harder, easier, or doesn't matter?
>
> Generally, the longer exit relays cache domains, the less precise the
> attack.  The trade-off is illustrated in Figure 10b in our paper [0].
> At the moment, exit relays cache domains for only 60 seconds [1],
> regardless of the domain's TTL.  If that bug is fixed, the attack
> becomes a bit harder to mount.  It can become even harder if exit relays
> were to cache each domain for, say, 10 minutes or more.
>
> [0] <https://nymity.ch/tor-dns/tor-dns.pdf>
> [1] <https://bugs.torproject.org/19025>

Thanks!  I've just pulled #19025 (and its sibling, #19769) into
consideration for 0.3.0.
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
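
The caching trade-off discussed in this thread, as an added example that is not part of the original messages and is not Tor's resolver code: a small simulation of how the exit relay's cache lifetime changes the share of client visits whose DNS lookup leaves the relay. The policy names, the domains, their TTLs and the visit trace are all constructed assumptions.

```python
# Added illustration, not Tor's resolver code. Trace, TTLs and policy names are constructed.
import random

def fixed_60(ttl):
    """Behaviour described in the thread: cache 60 s regardless of the TTL."""
    return 60

def honor_ttl(ttl):
    """Hypothetical policy once the 60-second clipping is fixed."""
    return ttl

def at_least_10min(ttl):
    """Hypothetical policy for 'cache each domain for 10 minutes or more'."""
    return max(ttl, 600)

def upstream_queries(trace, ttls, policy):
    """Return the (time, domain) lookups that miss the exit's cache.

    Only these leave the relay and can be seen at, or on the path to, the resolver.
    trace: (time_seconds, domain) pairs sorted by time; ttls: domain -> TTL.
    """
    expires = {}
    misses = []
    for t, domain in trace:
        if t >= expires.get(domain, float("-inf")):
            misses.append((t, domain))
            expires[domain] = t + policy(ttls[domain])
    return misses

def constructed_trace(seed=1, visits=300, span=3600):
    """Constructed workload: one hour of visits to three domains via one exit."""
    rng = random.Random(seed)
    domains = ["example.com", "example.org", "example.net"]
    weights = [6, 3, 1]  # popular sites are requested more often
    times = sorted(rng.uniform(0, span) for _ in range(visits))
    return [(t, rng.choices(domains, weights)[0]) for t in times]

TTLS = {"example.com": 60, "example.org": 300, "example.net": 3600}

def leak_fraction(trace, ttls, policy):
    """Fraction of visits that produce a DNS query leaving the exit relay."""
    return len(upstream_queries(trace, ttls, policy)) / len(trace)

if __name__ == "__main__":
    trace = constructed_trace()
    for policy in (fixed_60, honor_ttl, at_least_10min):
        share = leak_fraction(trace, TTLS, policy)
        print(f"{policy.__name__:>15}: {share:.2%} of visits reach the resolver")
```

With TTLs of at least 60 seconds, each policy caches at least as long as the one before it, so the share of visits visible outside the relay can only stay the same or shrink from one row to the next.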