[tor-bugs] #6526 [Tor]: Implement directory guards

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Dec 19 02:43:39 UTC 2012


#6526: Implement directory guards
-------------------------------------------+--------------------------------
 Reporter:  rransom                        |          Owner:                    
     Type:  defect                         |         Status:  needs_review      
 Priority:  normal                         |      Milestone:  Tor: 0.2.4.x-final
Component:  Tor                            |        Version:                    
 Keywords:  tor-client prop207 dir-guards  |         Parent:                    
   Points:                                 |   Actualpoints:                    
-------------------------------------------+--------------------------------

Comment(by mikeperry):

 In addition to my comments on tor-dev, there's another reason to use the
 same list for each: client fingerprintability. If we keep two separate
 lists, your combined set of Guards+DirectoryGuards is absolutely
 fingerprintable as you move your tor client from IP to IP.

 For some back of the envelope calculations, the current Guard entropy is
 ~9 bits. This is  equivalent to 512 equal-sized guard choices. If we scale
 back to 2 guards, we have:
 https://www.wolframalpha.com/input/?i=512+choose+2

 However, if we use 3 directory guards + 2 guards:
 https://www.wolframalpha.com/input/?i=512+choose+5

 Neither are great, but the 2-guard case already doesn't segment our
 userbase, and will certainly experience enough change to damage the
 fingerprint as Guards go up and down while clients are offline/inactive.
 It seems unlikely that such rotation will make a significant impact on the
 5-guard case's tremendous fingerprintability, though.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6526#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list