[tor-bugs] #3678 [Tor Client]: Disallow more than one relay per country in a circuit

Tor Bug Tracker & Wiki torproject-admin at torproject.org
Thu Aug 4 11:21:20 UTC 2011

#3678: Disallow more than one relay per country in a circuit
 Reporter:  cypherpunks  |          Owner:                   
     Type:  enhancement  |         Status:  needs_information
 Priority:  major        |      Milestone:                   
Component:  Tor Client   |        Version:                   
 Keywords:               |         Parent:                   
   Points:               |   Actualpoints:                   

Comment(by cypherpunks):

 Replying to [comment:12 cypherpunks]:
 > From a sampling of my own circuits.  I circuit from the US to Germany to
 Sweden crosses the LINX exchange in London 3x.
 > Here's an actual circuit, right now: tor9, drachentor, morales. US to
 Germany to Germany.  My traffic passes from Belgium, through LINX to NYC,
 to the relay, to NYC to LINX to Germany.

 What primarily matters is not whether the circuit crosses an exchange or
 AS 3x per circuit, but whether it crosses that AS (IX) between you and
 tor9 and again between morales and the final destination. If it does then
 you are vulnerable to (at least one) potential attacker on the links
 between nodes because it can associate source and destination IP addresses
 and perhaps other circuit information. If not, well you might still be at
 risk. Research is ongoing (some mentioned in comment 9) about
 understanding the risk of collaboration between link-level attackers.

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3678#comment:13>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list