[tor-bugs] #25870 [Core Tor/Tor]: Fix vanguard restrictions

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Apr 25 15:37:56 UTC 2018


#25870: Fix vanguard restrictions
--------------------------+------------------------------------
 Reporter:  mikeperry     |          Owner:  (none)
     Type:  defect        |         Status:  needs_review
 Priority:  Medium        |      Milestone:  Tor: 0.3.4.x-final
Component:  Core Tor/Tor  |        Version:
 Severity:  Normal        |     Resolution:
 Keywords:                |  Actual Points:
Parent ID:  #25546        |         Points:
 Reviewer:  asn           |        Sponsor:
--------------------------+------------------------------------

Comment (by mikeperry):

 Replying to [comment:6 asn]:
 > OK, the explanation above makes sense but it's also quite complicated.
 > I'm gonna try to write some unittests and see if I can get a bit more
 > confidence.
 >
 > Another design-level question: Why are we doing this change just for
 > vanguard circuits and not for all circuits? Is it because we only aim to
 > protect against guard-discovery attacks like #14917 only in vanguard
 > circuits? Or because vanguard-circuits are naturally not 3-hops and so
 > it's easier to block A - B - A type circs? Or something else?

 I decided to do the first commit because it is a simple way to prevent the
 adversary from being able to influence your guard choice without
 completely changing how we build paths. I only did it for vanguards
 because we did not agree on a solution for how we want to handle
 restrictions in the general case. And also yes, with vanguards it does not
 create any degenerate conditions that induce warnings, but it would with
 normal circuits.

 I decided to do the second commit because the HSLayerN options will
 generate warnings on relays as-is. I originally removed all restrictions
 for vanguard circuits because of issues discovered during testing of
 #13837 and #24487. With two entry guards and this patch (which we can also
 do easily with vanguards), #24487 no longer leaks information to later
 layers, and the HSLayerN options will no longer cause warnings.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25870#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

