[tor-bugs] #18121 [- Select a component]: anti-conformational attack (theory)

Tor Bug Tracker & Wiki blackhole at torproject.org
Sat Jan 30 21:27:19 UTC 2016


#18121: anti-conformational attack (theory)
----------------------------------+-----------------------------
 Reporter:  bo0od                 |          Owner:  cypherpunks
     Type:  enhancement           |         Status:  closed
 Priority:  Medium                |      Milestone:
Component:  - Select a component  |        Version:
 Severity:  Normal                |     Resolution:  invalid
 Keywords:                        |  Actual Points:
Parent ID:                        |         Points:
  Sponsor:                        |
----------------------------------+-----------------------------

Comment (by bo0od):

 Replying to [comment:3 yawning]:
 > This doesn't seem directly Tor related at all, and going from 1 to
 effectively 5 Guards will do bad things to client anonymity.
 >
 > The current proposed design for guarding against certain types of
 traffic analysis attacks is available at:
 https://gitweb.torproject.org/torspec.git/tree/proposals/254-padding-
 negotiation.txt

 so connecting to 1 node its better than 5 nodes? thats something i dont
 really imagine how. do u have some docs/papers explaining how is that
 going to be bad?


 but what i do think some would think this design is bad , is because of
 the changing the entry guards from time to time = thats completely right.

 but Tails then is severely fallen into this issue , and what im suggesting
 is kinda similar to multiple Tails with no TBB inside them (instead of
 DisposableVM) connected to any (secure as much as possible) operating
 systems with a TBB inside them (because this will gain the security
 through isolation of Tor from TBB = security by design).

 so even if my idea is bad regarding entry guards then whole Tails idea is
 also bad. and if we say that my idea is bad to anonymity similarly as
 Tails then i dont think it is a bad idea at the first place because Tails
 is known for the issue regarding entry guards but tho it is well useable
 in the anonymity field.

 lastly i say:- maybe im missing the whole point from the beginning , i
 dunno for sure. because im not professional in the Tor connectivity field
 but im good in imagining things and link them together = logic. and i do
 know also logic is not a big deal without linking it witha technical
 reality of the matter. but thats why i have gave my design to be discussed
 with u ppl here.

 thnx

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/18121#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list