[tor-bugs] #22728 [Core Tor/Tor]: Periodically close long-lived onion service circuits

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Jun 26 18:06:46 UTC 2017


#22728: Periodically close long-lived onion service circuits
------------------------------+-----------------------------
     Reporter:  mikeperry     |      Owner:
         Type:  defect        |     Status:  new
     Priority:  Medium        |  Milestone:
    Component:  Core Tor/Tor  |    Version:
     Severity:  Normal        |   Keywords:  guard-discovery
Actual Points:                |  Parent ID:
       Points:                |   Reviewer:
      Sponsor:                |
------------------------------+-----------------------------
 In Wilmington we brainstormed at least two different ways to perform guard
 discovery by keeping a circuit opened to a hidden service for a long time.
 These attacks will continue to work even after something like Proposal
 #247 is implemented.

 Attack #1: Use many long-lived circuits to probe when the guard in use
 goes down. If several circuit teardowns are correlated with a guard going
 offline, you have a good candidate guard.

 Attack #2: Keep a circuit opened long after a guard has been rotated away,
 and then start sending data down it. After one week, Tor decides that TLS
 connections are too old to use for new circuits, so after this point, your
 circuit should be one of the few things left on the TLS connection. Once
 this happens, if you can readily obtain netflow statistics at ISPs/core
 routers, you can walk your way all the way back to the client by seeing
 which Tor TLS connections match the byte counts you send.

 We decided that this means we should close hidden service circuits after a
 day or so by default. Later, if we implement conflux, we could
 periodically reattach such circuits using conflux IDs instead.

 We argued for a while about allowing people to have their Tor hidden
 service not kill long-lived circuits. I am of the opinion that we should
 allow this, with the appropriate warnings in the manpage and Tor log for
 the option.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/22728>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list