[tor-bugs] #8240 [Tor]: Raise our guard rotation period, if appropriate
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sat Jul 4 18:00:43 UTC 2015
#8240: Raise our guard rotation period, if appropriate
-------------------------+-------------------------------------------------
Reporter: arma | Owner:
Type: defect | Status: assigned
Priority: major | Milestone: Tor: 0.2.7.x-final
Component: Tor | Version: Tor: 0.2.7
Resolution: | Keywords: tor-client, needs-proposal,
Actual Points: | 023-backport, unfrozen, 027-triaged-1-in,
Points: medium | SponsorU
| Parent ID:
-------------------------+-------------------------------------------------
Comment (by asn):
Some thoughts here about raising the rotation period to 9 months.
Let's assume a 5% network adversary and a single guard per client. This
means that every time we pick a guard we toss a coin with probability 0.95
of coming out safe. Hence after `n` guard rotations, we have (0.95^n^)
probability of coming out safe.
This means that after 14 rotations we have more than 50% probability of
being unsafe and after 6 rotations we have 25% probability of being
unsafe.
Currently, with 2 to 3 months rotation period, this means that after about
3 years we have 50% probability of being unsafe. Or after 1.5 year we have
25% probability of being unsafe. This does not sound terrible.
OTOH, a 9 month rotation period gives us about 10 years before we have 50%
prob of being unsafe, and 4.5 years before we have 25% probability of
being unsafe. This seems like a pretty big safety guarantee compared to
the rest of the security of Tor.
Alternatively, with a 5 month rotation period, we have about 5 and a half
years before we are 50% unsafe, and about 2.5 years before we are 25%
unsafe. This might be more appropriate, considering the load balancing
improvements that 5 months give us compared to 9 months, plus the concerns
that people have raised against keeping a guard for too long.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8240#comment:50>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list