[tor-bugs] #18136 [Tor]: Tor is vulnerably to sybil attacks. How are you dealing with it?

Tor Bug Tracker & Wiki blackhole at torproject.org
Sun Jan 24 14:15:41 UTC 2016


#18136: Tor is vulnerably to sybil attacks. How are you dealing with it?
-----------------------------+-----------------
     Reporter:  cypherpunks  |      Owner:
         Type:  defect       |     Status:  new
     Priority:  Medium       |  Milestone:
    Component:  Tor          |    Version:
     Severity:  Normal       |   Keywords:
Actual Points:               |  Parent ID:
       Points:               |    Sponsor:
-----------------------------+-----------------
 It's time to realize that Tor is vulnerable to sybil attacks. Adversaries,
 such as NSA and GCHQ can make enough Tor relays to fully deanonymize
 everybody using Tor with high probability. The base of the Tor security is
 the idea that an adversary cannot control more than one relay in a
 circuit, it is true if the relays are intended to protect the owner of the
 networks and are controlled mostly by the owner of the network, but it is
 not true if your goal is to protect anyone and adversary is able to create
 a lot of malicious nodes contributing to your network.

 How are you dealing with this? Don't say 'sybilhunter', it's easy to
 bypass it by fairly creating relays as anyone creates them: just order the
 employees to lend enough VPSes in different datacenters and install Tor on
 them. Don't say 'it costs too much', NSA has huge budgets.

 How are you dealing with this?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18136>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list