[tor-bugs] #10969 [Tor]: Set of guard nodes can act as a linkability fingerprint
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Feb 20 13:57:03 UTC 2014
#10969: Set of guard nodes can act as a linkability fingerprint
-----------------------------------+------------------------------------
Reporter: asn | Owner:
Type: task | Status: new
Priority: normal | Milestone: Tor: 0.2.5.x-final
Component: Tor | Version:
Keywords: tor-client tor-guards | Actual Points:
Parent ID: | Points:
-----------------------------------+------------------------------------
It's well understood that your set of guard nodes can act as a
fingerprint. Some calculations can be found in comment:3:ticket:9273 but
it's pretty clear that each 3-subset of guards is rare enough that it's
very likely that no other clients have exactly the same.
There are a few proposed ideas on how to reduce the linkability of guard
nodes sets. For example, reducing the number of guard nodes to 1 will help
against this. Still, as an example, in a city with only 500 Tor users,
even if each person has a single guard, there are only going to be a few
people with the same guard node (and some of them might always be in the
same physical location, so the one who roams is probably the same person).
To further improve on the above, maybe it makes sense to pick N guards but
only use 1 of them at a time -- and cycle through the N guards every now
and then. Maybe we should cycle everytime we change network (see
https://github.com/leewoboo/tordyguards) but how does little-t-tor knows
when we changed network? There is some more discussion on this topic here:
https://lists.torproject.org/pipermail/tor-dev/2013-September/005424.html
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10969>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list