Re: [tor-relays] Lots of tor relays send out sequential IP IDs; please fix that!

On Mon, Mar 31, 2014 at 11:12:05PM +0200, Jann Horn wrote:

Well, the subject line pretty much says it all: Lots of Tor relays send out globally sequential IP IDs, which, as far as I know, allows a remote party to measure how fast the relay is sending out IP packets with high precision, possibly making statistical attacks possible that could e.g. pinpoint the entry guard a user or hidden service uses.

[Please don't cross-post on multiple lists -- you will splinter the responses.]

For extra fun, check out this paper that turns this issue into a potential anonymity attack: http://freehaven.net/anonbib/#tcp-tor-pets12

Their suggestion for a fix iirc was that the Linux kernel should get fixed.

--Roger