[tor-bugs] #14917 [Tor]: Client's choice of rend point can leak info about hidden service's guard relay
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Feb 17 11:49:00 UTC 2015
#14917: Client's choice of rend point can leak info about hidden service's guard
relay
------------------------+--------------------------------
Reporter: arma | Owner:
Type: defect | Status: new
Priority: normal | Milestone: Tor: 0.2.7.x-final
Component: Tor | Version:
Resolution: | Keywords: SponsorR, tor-hs
Actual Points: | Parent ID:
Points: |
------------------------+--------------------------------
Comment (by arma):
Sebastian and I pondered this one for a little while and our current
thought is that the best way forward is to relax the requirement
preventing duplicate hops in the circuit, in the rendezvous circuit case.
That is, if you're picking a guard for a rendezvous circuit, don't do
those two comparisons in populate_live_entry_guards().
Now people who set EntryNode specifically will resume connecting. And
those who don't set it will use their primary guard and thus not behave
differently as a function of the rendezvous point.
It still makes us a bit nervous though because now the client can cause
the hidden service to essentially make a short-circuited circuit to a
relay that the client controls.
More perspectives welcome!
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/14917#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list