[tor-bugs] #15714 [Tor]: Don't always ditch intro point after 16384 introductions

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Apr 17 14:33:49 UTC 2015


#15714: Don't always ditch intro point after 16384 introductions
-----------------------------+------------------------------------
 Reporter:  asn              |          Owner:
     Type:  defect           |         Status:  new
 Priority:  normal           |      Milestone:  Tor: 0.2.7.x-final
Component:  Tor              |        Version:
 Keywords:  tor-hs SponsorR  |  Actual Points:
Parent ID:                   |         Points:
-----------------------------+------------------------------------
 We should rethink the value and behavior of
 `INTRO_POINT_LIFETIME_INTRODUCTIONS`.

 Currently, it's set to 16384 which means that an HS will rotate the intro
 point after it has performed 16384 introductions. This is bad for a few
 reasons:
 a) An attacker can intentionally hit that limit faster than the normal
 lifetime of intro points (18 to 24 hours)
 b) The number is static, which means that an attacker can count the number
 of intros required to rotate the intro point to gauge the popularity of a
 hidden service.
 c) It's probably too small for busy hidden services.

 We should rethink this behavior. We should probably change the value
 16384, and also randomize it slightly.

 We don't really know how to get a better value here but we could ponder on
 statistics that would help us. Also, whatever the new value is, maybe we
 should make it configurable and have a notice-level log message when it's
 reached so that HS operators can increase it if it happens too often.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/15714>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
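
The randomization the ticket proposes, as an added example that is not part of the ticket and is not Tor's code: each intro point draws its own rotation threshold once, so counting introductions until rotation no longer yields a fixed number. The bounds (16384 to twice that), the type and function names, and the log wording are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Assumed bounds for illustration; the ticket does not pick new values. */
#define MIN_INTRODUCTIONS 16384u
#define MAX_INTRODUCTIONS (2u * MIN_INTRODUCTIONS)

typedef uint32_t (*rand32_fn)(void *ctx);
typedef struct { uint32_t limit, seen; } intro_point_t; /* hypothetical type */

/* Random source for real use: 32 bits from the kernel CSPRNG. */
uint32_t urandom32(void *ctx) {
  uint32_t r; FILE *f = fopen("/dev/urandom", "rb");
  (void)ctx;
  if (!f || fread(&r, sizeof r, 1, f) != 1) abort();
  fclose(f);
  return r;
}
/* Constant source, only so the result can be checked deterministically. */
uint32_t fixed32(void *ctx) { return *(uint32_t *)ctx; }

/* Uniform value in [lo, hi] (needs hi - lo < UINT32_MAX);
 * rejection sampling avoids modulo bias. */
uint32_t rand_inclusive(rand32_fn rng, void *ctx, uint32_t lo, uint32_t hi) {
  uint32_t span = hi - lo + 1, r;
  uint32_t cutoff = UINT32_MAX - (UINT32_MAX % span);
  do { r = rng(ctx); } while (r >= cutoff);
  return lo + r % span;
}

/* Draw the threshold once per intro point so observers cannot predict it. */
void intro_point_init(intro_point_t *ip, rand32_fn rng, void *ctx) {
  ip->seen = 0;
  ip->limit = rand_inclusive(rng, ctx, MIN_INTRODUCTIONS, MAX_INTRODUCTIONS);
}

/* Count one introduction; returns 1 when the point should be rotated. */
int intro_point_note_introduction(intro_point_t *ip) {
  if (++ip->seen < ip->limit) return 0;
  fprintf(stderr, "[notice] intro point hit its introduction limit (%u); "
          "rotating\n", (unsigned)ip->limit);
  return 1;
}

int main(void) {
  intro_point_t ip;
  intro_point_init(&ip, urandom32, NULL);
  while (!intro_point_note_introduction(&ip)) {}
  printf("rotated after %u introductions\n", (unsigned)ip.seen);
  return 0;
}
```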

