[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-bugs] #8240 [Tor]: Raise our guard rotation period

To: undisclosed-recipients:;
Subject: [tor-bugs] #8240 [Tor]: Raise our guard rotation period
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Fri, 15 Feb 2013 21:42:36 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 15 Feb 2013 16:42:46 -0500
List-archive: <http://lists.torproject.org/pipermail/tor-bugs>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx

#8240: Raise our guard rotation period
---------------------------------------+------------------------------------
 Reporter:  arma                       |          Owner:                    
     Type:  defect                     |         Status:  new               
 Priority:  normal                     |      Milestone:  Tor: 0.2.4.x-final
Component:  Tor                        |        Version:                    
 Keywords:  tor-client needs-proposal  |         Parent:                    
   Points:                             |   Actualpoints:                    
---------------------------------------+------------------------------------
 Tariq's COGS paper from WPES 2012 shows that a significant component of
 guard churn is due to voluntary rotation, rather than actual network
 changes:
 http://freehaven.net/anonbib/#wpes12-cogs

 In short, if the target client makes sensitive connections continuously
 every day for months, and you (the attacker) run some fast guards, the
 odds get pretty good that you'll become the client's guard at some point
 and get to do a correlation attack.

 We could argue that the "continuously every day for months" assumption is
 unrealistic, so in practice we don't know how bad this issue really is.
 But for hidden services, it could well be a realistic assumption.

 There are going to be (at least) two problems with raising the guard
 rotation period. The first is that we unbalance the network further wrt
 old guards vs new guards, and I'm not sure by how much, so I'm not sure
 how much our bwauth measurers will have to compensate. The second
 (related) problem is that we'll expand the period during which new guards
 don't get as much load as they will eventually get. This issue already
 results in confused relay operators trying to shed their Guard flag so
 they can resume having load.

 In sum, if we raise the rotation period enough that it really results in
 load changes, then we could have unexpected side effects like having the
 bwauths raise the weights of new (and thus totally unloaded) guards to
 huge numbers, thus ensuring that anybody who rotates a guard will
 basically for sure get one of these new ones.

 The real plan here needs a proposal, and should be for 0.2.5 or later. I
 wonder if we can raise it 'some but not too much' in the 0.2.4 timeframe
 though?

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8240>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Follow-Ups:
- Re: [tor-bugs] #8240 [Tor]: Raise our guard rotation period
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #8240 [Tor]: Raise our guard rotation period
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #8240 [Tor]: Raise our guard rotation period
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #8240 [Tor]: Raise our guard rotation period
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #8240 [Tor]: Raise our guard rotation period
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #8240 [Tor]: Raise our guard rotation period
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #8240 [Tor]: Raise our guard rotation period
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #8240 [Tor]: Raise our guard rotation period
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #8240 [Tor]: Raise our guard rotation period
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #8240 [Tor]: Raise our guard rotation period
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #8240 [Tor]: Raise our guard rotation period
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #8240 [Tor]: Raise our guard rotation period
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #8240 [Tor]: Raise our guard rotation period
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #8240 [Tor]: Raise our guard rotation period
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #8240 [Tor]: Raise our guard rotation period
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #8240 [Tor]: Raise our guard rotation period
  - From: Tor Bug Tracker & Wiki
- Re: [tor-bugs] #8240 [Tor]: Raise our guard rotation period
  - From: Tor Bug Tracker & Wiki

Prev by Author: Re: [tor-bugs] #8209 [Tor]: Make the behavior for using _SC_OPEN_MAX vaguely sensible.
Next by Author: Re: [tor-bugs] #8231 [Tor]: Clients can go crazy when unable to find directory guards
Previous by thread: [tor-bugs] #8239 [Tor]: Hidden services should try harder to reuse their old intro points
Next by thread: Re: [tor-bugs] #8240 [Tor]: Raise our guard rotation period
Index(es):
- Author
- Thread