[tor-bugs] #2980 [Tor Relay]: feature request: better privacy for node operators

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Sun Apr 24 17:19:32 UTC 2011 

#2980: feature request: better privacy for node operators
-------------------------+--------------------------------------------------
 Reporter:  tagnaq       |          Owner:     
     Type:  enhancement  |         Status:  new
 Priority:  normal       |      Milestone:     
Component:  Tor Relay    |        Version:     
 Keywords:               |         Parent:     
   Points:               |   Actualpoints:     
-------------------------+--------------------------------------------------
 The goal of this requested feature is to minimize the identifying bits of
 a Tor node
 and to reduce the negative privacy effects for a Tor node operator running
 a non-exit at home.
 It is related to this post:
 https://lists.torproject.org/pipermail/tor-talk/2011-April/020195.html

 I'll describe the features in form of manpage entries:

 NodePrivacy 0|1
 This option affects relaying nodes only and makes only sense on hosts with
 dynamic** IP address.
 If set to 1 a minimal and standardized descriptor will be published
 (ORPort: 9001, DirPort: 9030, Nickname: "Unnamed", ContactInfo: ""
 (empty), exit policy: reject *:*, tor version: "" (empty),
 MaxAdvertisedBandwidth not honored, ...). Before a new descriptor is
 published, long term keys are reseted if an IP change is detected and
 StateResetInterval is 0.
 If StateResetInterval is non-zero long term keys will only be resetted if
 the interval is expired AND an IP change has been detected.
 NOTE: EVEN WITH THIS OPTION ENABLED YOU WILL PROBABLY BE TRACEABLE - IT
 JUST GETS SLIGHTLY HARDER.
 (Default: 0)

 **) Example: If a node is down for lets say a month and comes back online
 it might even be a usfull feature for nodes with static IP addresses
 (the fact that a node has a static IP address is not necessarily a public
 fact)

 StateResetInterval N d|w
 Specifies the time interval for which long term key material will not be
 resetted - only relevant if NodePrivacy is set to 1.
 (Default: 0)

 Depending on how many Tor nodes in a certain AS are running with
 NodePrivacy enabled with rawly same StateResetInterval and BW NodePrivacy
 will actually improve privacy or not.

 Side effect of this feature: The Tor network will probably have less nodes
 having the 'guard' and 'stable' flag set and statistics of relays based on
 their published tor version might see empty version strings.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/2980>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list