[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #3678 [Tor Client]: Disallow more than one relay per country in a circuit
#3678: Disallow more than one relay per country in a circuit
-------------------------+--------------------------------------------------
Reporter: cypherpunks | Owner:
Type: enhancement | Status: needs_information
Priority: major | Milestone: Tor: very long term
Component: Tor Client | Version:
Keywords: | Parent:
Points: | Actualpoints:
-------------------------+--------------------------------------------------
Changes (by proper):
* cc: proper@â (added)
Comment:
I don't want to trivialize the problem with the internet exchange points.
Research and a solution is still required. But let's put that attack aside
for a moment, as this attack is not yet used in the wild against Tor
users.
More critical at the moment is, that single countries can force their
country's Tor relays, to log, through to a surveillance court order.
During the investigation (depending on their local law) the local Tor
relay operators may not even publish, that they are forced to log.
The adversary has to wait until their target uses a circuit with all three
hops in their country.
As an intermediate solution, I suggest to stop using more than one country
per circuit. That would require at least three countries to cooperate and
to force their Tor node operators to log.
Implementing this as an intermediate solution would also require the
adversary to use more expensive, sophisticated attacks than country wide
passive logging for Tor nodes.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3678#comment:20>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs