[anti-censorship-team] Summary of Point Break (Jansen et al. USENIX Security '19) as it pertains to bridges

David Fifield david at bamsoftware.com
Sat Aug 24 18:46:52 UTC 2019

Rob Jansen, Tavish Vidya, and Micah Sherr have a paper about
bandwidth-based DoS against Tor. Section 5 is about default bridges.


While elsewhere in the paper they discuss in-protocol attacks, in the
context of bridges they limit themselves to attacks using third-party
paid "stresser" DoS services, which you can rent for about $1/Gbps/hour
(Section 3.1).

They looked at the default bridges in Tor Browser 8.0.3 (October 2018).
Only 12 of 25 default obfs4 bridges were working. (I think most of the
non-working bridges have since been pruned, e.g. in #29378, #30264.) The
median bandwidth of the 12 working bridges was 368 KB/s, with a large
variance: minimum of 67 KB/s and maximum of 1190 KB/s.

Besides the default bridges, they requested 135 bridges from BridgeDB,
and found that only 70% (95/135) of them worked. (This has also been at
least partially addressed by #30441.) BridgeDB bridges are faster than
default bridges, with a median bandwidth of closer to 600 KB/s
(Figure 1).

They estimate that disabling the 12 default obfs4 bridges would require
30 stresser jobs, at a rate of $22/hour or $17K/month. If all users of
default obfs4 bridges switched to BridgeDB bridges, the median bandwidth
of BridgeDB bridges would slow down to under 100 KB/s (Figure 2). If
even half of default obfs4 users switch to using meek, the cost to
operate meek will at least double (Figure 3).

More information about the anti-censorship-team mailing list