[tor-bugs] #6470 [Analysis]: distinguishing between (non-) hidden service hosters, too few/much open circuits
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Thu Jul 26 10:41:07 UTC 2012
#6470: distinguishing between (non-) hidden service hosters, too few/much open
circuits
----------------------+-----------------------------------------------------
Reporter: proper | Owner:
Type: task | Status: new
Priority: normal | Milestone:
Component: Analysis | Version:
Keywords: | Parent:
Points: | Actualpoints:
----------------------+-----------------------------------------------------
For Internet Service Providers it's too easy to find who hosts a hidden
service and who doesn't.
For people connecting to the public Tor network:
* Tor users have X open circuits after Tor started.
* Hosters of hidden services have much more open circuits after Tor
started. In my tests it were mostly X*3 open circuits.
* It's trivial for ISPs to distinguish between non-hidden-services and
regular Tor users.
* That analysis combined with another attack, such as Murdoch's clock
skew attack can de-anonymize Tor hidden service hosters.
For people connecting to (obfuscated) bridges:
* Same as above but depends on the ability of the ISP to detect
connections to the Tor network.
Suggested solution:
* Open the same amount of circuits. Do not let that depend on if the user
hosts a hidden service or not.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/6470>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list