[tor-bugs] #8188 [Tor]: Introduce MaxCircuitDirtiness per listener

Tor Bug Tracker & Wiki blackhole at torproject.org
Sat Mar 16 10:18:14 UTC 2013


#8188: Introduce MaxCircuitDirtiness per listener
-------------------------+--------------------------------------------------
 Reporter:  bastik       |          Owner:                    
     Type:  enhancement  |         Status:  new               
 Priority:  normal       |      Milestone:  Tor: 0.2.5.x-final
Component:  Tor          |        Version:                    
 Keywords:  tor-client   |         Parent:                    
   Points:               |   Actualpoints:                    
-------------------------+--------------------------------------------------

Comment(by bastik):

 My initial thought on anonymity was that since everything goes over
 different circuits (not exits, which may happen coincidentally) it would be
 safe to assume that exits can see how long sessions tend to be, but that
 it would not be a fingerprinting/profiling vector.

 More recently I thought it could be problematic, because clients may stick
 out.

 Previously I thought the stream isolation would make it safe.

 However, if exit operators see that some sessions last (e.g.) 20 minutes
 and this wouldn't be the case very often, while different protocol
 sessions last about 7 minutes, which might not be so common either, they
 can indeed fingerprint/profile on that.

 Given an adversary that was able to correlate traffic once and if he/she
 realized that the session was about 20 minutes long, which doesn't happen
 normally, all it takes is looking for a 20 minute session to identify a
 user.

 I couldn't come up with a "fix" for this, other than using fixed values
 for this feature, so that clients can pick 5, 10, 15 or 20 minutes rather
 than custom values for this feature.

 I thought about thinking about this [nice construction] issue not
 expecting to come up with a reasonable approach.

 Since you, nickm, set a soon-to-come milestone, which obviously can be
 changed around as you like, I add my concern(s). I'm quite surprised (and
 glad) that you actually like this idea, not that you should dislike it, as
 it might jeopardize users' anonymity. You've more insight into this topic,
 for sure.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8188#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
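
Added example, not part of the ticket comment or of Tor's code: a small Python model of the concern above, counting how many observed sessions share each session length before and after custom values are snapped to the fixed 5/10/15/20 minute choices. The sample observations, the nearest-value rounding rule and all function names are assumptions made for illustration.

```python
from collections import Counter

# Fixed choices suggested in the comment (minutes).
ALLOWED_MINUTES = (5, 10, 15, 20)

# Constructed sample: session lengths (minutes) as an exit might record them.
# Most clients keep Tor's 10-minute MaxCircuitDirtiness default; a few use
# custom per-listener values.
OBSERVED = [10] * 40 + [7] * 2 + [20] + [13] + [18]


def anonymity_sets(lengths):
    """Map each session length to the number of sessions sharing it."""
    return dict(Counter(lengths))


def unique_sessions(lengths):
    """Lengths seen exactly once: each one singles out a session by itself."""
    return sorted(v for v, n in Counter(lengths).items() if n == 1)


def snap(minutes, allowed=ALLOWED_MINUTES):
    """Round a requested value to the nearest allowed one (ties round up).

    Assumed rule for this example; the comment only says clients would
    pick from fixed values.
    """
    return min(allowed, key=lambda a: (abs(a - minutes), -a))


def compare(lengths):
    """Return (unique lengths with custom values, unique lengths once snapped)."""
    snapped = [snap(m) for m in lengths]
    return unique_sessions(lengths), unique_sessions(snapped)


if __name__ == "__main__":
    before, after = compare(OBSERVED)
    print("set sizes, custom values:", anonymity_sets(OBSERVED))
    print("set sizes, fixed values: ", anonymity_sets([snap(m) for m in OBSERVED]))
    print("lengths seen once, custom:", before)
    print("lengths seen once, fixed: ", after)
```

With this sample, fixed values merge the 18 and 20 minute sessions into one set, but the single 13 minute client is still alone in the 15 minute bucket: fixed values only help as far as other clients pick the same bucket.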

