[tor-bugs] #9072 [Tor]: #9063 enables Guard discovery in about an hour by websites

Tor Bug Tracker & Wiki blackhole at torproject.org
Sat Jun 15 19:31:04 UTC 2013 

#9072: #9063 enables Guard discovery in about an hour by websites
----------------------+-----------------------------------------------------
 Reporter:  arma      |          Owner:                     
     Type:  defect    |         Status:  needs_review       
 Priority:  critical  |      Milestone:  Tor: 0.2.3.x-final 
Component:  Tor       |        Version:  Tor: 0.2.4.13-alpha
 Keywords:            |         Parent:                     
   Points:            |   Actualpoints:                     
----------------------+-----------------------------------------------------

Comment(by robgjansen):

 Replying to [comment:12 nickm_mobile]:
 > Algorithms 1U, 2U, 3U:
 >
 > As algorithms 1T 2T and 3T, but define a queue's flush time as some
 function that accounts for the number of other circuits targetting the
 same connection.   If we were using round robin, I would say:  N/BW where
 bw is the conn observed bandwidth and N is the sum of all queue lengths on
 that connection, each queue length clippedd to be no longer than the queue
 under consideration.

 Is there any reason not to simplify this down to the circuit level only?
 Anything based on connections is easily subverted by a sybil attack. And
 you can't consider the time-independent queue length alone because of the
 sybil attack.

 The goal is to drive up the cost of the attack while making sure you are
 not killing an honest client's circuit. If you consider a function of the
 queue length and the waiting time of the longest waiting cell for each
 circuit, then a malicious client will have to read cells at a rate at
 least as fast as the slowest honest client *on every sybil* in order to
 cause the relay to target the honest client's circuit. It can be shown
 that the longer the attacker's queue becomes, the faster it must read from
 it to avoid selection because it needs to keep the waiting times of the
 cells in the malicious circuits lower than those of all honest circuits.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/9072#comment:16>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list