[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #8240 [Tor]: Raise our guard rotation period

Subject: Re: [tor-bugs] #8240 [Tor]: Raise our guard rotation period
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Tue, 10 Mar 2015 14:09:42 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 10 Mar 2015 10:09:52 -0400
In-reply-to: <044.f0e1de900e99b0e6752c4683a25a0fc6@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <044.f0e1de900e99b0e6752c4683a25a0fc6@xxxxxxxxxxxxxx>
Reply-to: tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#8240: Raise our guard rotation period
-------------------------+-------------------------------------------------
     Reporter:  arma     |      Owner:
         Type:  defect   |     Status:  new
     Priority:  major    |  Milestone:  Tor: 0.2.???
    Component:  Tor      |    Version:
   Resolution:           |   Keywords:  tor-client needs-proposal
Actual Points:           |  023-backport unfrozen
       Points:           |  Parent ID:
-------------------------+-------------------------------------------------

Comment (by amj703):

 Replying to [comment:42 asn]:
 > To share Mike's concerns here, I had a long discussion with Paul about
 this during the latest dev meeting. He feels that increasing the guard
 lifetime to 9 months makes certain attacks much more plausible.
 >
 > This is especially the case for hidden services, where guard discovery
 attacks are easy. I feel persuaded that we should plug these attacks, or
 make them harder to succeed, before increasing the lifetime here.
 >
 > He was also afraid of the effects of this to regular Tor clients as
 well, since after we moved from 3 to 1 guard, the middle nodes can link
 clients to  their guards more reliably. He is afraid that this might allow
 profiling of specific users, etc.
 >
 > I think all the above means, "more research is required".

 I disagree with this course of action. We know of a clear threat due to
 passive surveillance that can be mitigated by increasing the guard
 rotation period. We don't know exactly how this might balance with active
 attacks that involve guard compromise, targeted surveillance, or middle-
 relay linking. Rather than do nothing because you don't know everything, I
 would do something to fix the thing that you do know about. Also, I think
 Paul's concerns are unlikely to argue strongly for or against increasing
 the guard rotation period, because they will depend strongly on adversary
 properties that we know nothing about, such as the speed of targeted
 compromise.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8240#comment:44>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #15212 [Tor]: Log link protocol version counts as part of heartbeat
Next by Author: Re: [tor-bugs] #11150 [Tor]: Remove client code for connecting to and using 0.2.2 servers
Previous by thread: Re: [tor-bugs] #8240 [Tor]: Raise our guard rotation period
Next by thread: [tor-bugs] #15212 [Tor]: Log link protocol version counts as part of heartbeat
Index(es):
- Author
- Thread