[tor-bugs] #23978 [Core Tor/Tor]: Write simulator to evaluate security of Prop247 parameter choices

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Apr 23 16:33:28 UTC 2018 

#23978: Write simulator to evaluate security of Prop247 parameter choices
-------------------------------------------------+-------------------------
 Reporter:  mikeperry                            |          Owner:  (none)
     Type:  task                                 |         Status:  new
 Priority:  Medium                               |      Milestone:  Tor:
                                                 |  unspecified
Component:  Core Tor/Tor                         |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  guard-discovery-prop247-experiments  |  Actual Points:
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
                                                 |  SponsorV-can
-------------------------------------------------+-------------------------

Comment (by mikeperry):

 Replying to [comment:4 asn]:
 > Replying to [comment:3 mikeperry]:
 > > Some issues I've noticed:
 > > 1. guard.is_targeted should be updated every time we change guards in
 a higher layer
 >
 > Hmm, we are supposed to do this in `self.is_targetted =
 self.is_targetted_func()` when we instantiate a new guard node... Logic
 seems solid, but code might be broken. Will look more into this.

 My point is that instantiation of the new guard node is insufficient to
 capture all line-of-sight events. Consider what happens to G1 if it was
 chosen as a guard while there were no adversaries in G2, but then an
 adversary node rotates into G2 later.

 Though it does look like you do this update in
 adversary.guard_compromised(). I guess I missed that before.

 > > 2. The graphs of G1 look suspicious (high CDF in low timescales for
 wimpy adversaries)
 >
 > Hmm, I just pushed a commit that should improve the situation here. Now
 the CDFs look more close to what they should be. But there are probably
 more bugs!
 >
 > FWIW, the probabilities of compromising a guard at the beginning of the
 run for topology `2-4-8` with `medium` sybil probability is: `0.1` for G1,
 `0.25` for G2 and `0.43` for G3

 This is better. 1-(1-c)^n gives 0.10, 0.26, and 0.45 for this config.

 > > 3. The "none" adversary still takes a long time. Can we have a mode of
 the sim that stops at guard discovery for particularly weak adversaries?
 >
 > Still haven't done this one yet!
 >
 > I also pushed a branch `pypy` in my github repo which maintains the pypy
 support through the recent commits, since it's actually super useful!!!

 Yay!

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23978#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list