[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #33648 [Core Tor/Tor]: vanguards: What is the recommended value?
#33648: vanguards: What is the recommended value?
--------------------------+----------------------------------
Reporter: cypherpunks | Owner: mikeperry
Type: task | Status: assigned
Priority: Medium | Milestone: Tor: unspecified
Component: Core Tor/Tor | Version:
Severity: Normal | Resolution:
Keywords: vanguards | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
--------------------------+----------------------------------
Comment (by mikeperry):
Replying to [comment:8 Thernet]:
> Replying to [comment:5 mikeperry]:
> > Q1 - Smaller values for max circuit age may make you stand out a
little.
>
>
> "Circuit Fingerprinting Attacks: Passive Deanonymization of Tor Hidden
Service"
> ISBN 978-1-939133-11-3
>
> {{{
> First, all circuits should have **similar lifetime**.
> Client IP and hidden service IP lasts either a **very short or very long
time**,
> and this is **very identifying**.
> }}}
>
> Vanguards' circ_max_age_hours makes you unique. Are you sure this
configurable parameter is safe to use for everyone?
The max is meant to be set waaayyy beyond onion service setup times -- as
in hours or days. And it is a max. If a circuit is closing for other
reasons, it does not keep it open. Our circuit padding defense handles
this, though.
I do not think this is extremely fingerprintable, but it is noticeable at
the guard in cases where your circuits do live this long and they get
closed at exactly this time. It is arguable that maybe we should randomize
this so we don't close on exactly this value, but it is also meant to be
used as a safeguard against *really* long circuits, as in day-long or
longer, since at that point intermeditate TLS connections may rotate and
expose you to traffic analysis risks due to that.
Note that vanguards does not attempt to conceal its presence from client,
local, or guard adversaries -- it is possible for both adversaries to
determine you are using the addon. This is documented in the security
document: https://github.com/mikeperry-
tor/vanguards/blob/master/README_SECURITY.md
Search that document for vanguards for details. It is possible to tune
some of those things to be less noticable, but at the end of the day,
using 3 middles after your guard will be visible to your guard, unless you
start spamming and try to look like a web crawler or something. Or we
develop a circuit padding defense to conceal this.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33648#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs