[tor-bugs] #20212 [Applications/Tor Browser]: Tor can be forced to open too many circuits by embedding .onion resources

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Mar 23 18:55:42 UTC 2018


#20212: Tor can be forced to open too many circuits by embedding .onion resources
-------------------------------------------------+-------------------------
 Reporter:  gacar                                |          Owner:  tbb-
                                                 |  team
     Type:  enhancement                          |         Status:  new
 Priority:  Medium                               |      Milestone:  Tor:
                                                 |  unspecified
Component:  Applications/Tor Browser             |        Version:
 Severity:  Normal                               |     Resolution:
 Keywords:  guard-discovery,                     |  Actual Points:
  TorBrowserTeam201803                           |
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:
-------------------------------------------------+-------------------------

Comment (by asn):

 Replying to [comment:10 cypherpunks]:
 > Replying to [comment:9 cypherpunks]:
 > > Why limit the number of onion addresses that can be embedded instead
 > > of limiting the number of circuits that can be created for onions in a
 > > single origin?
 >
 > The former should be relatively easy to implement in Tor Browser, while
 > the latter would presumably be much more difficult and error prone (if
 > implemented by monitoring circuit events on the control port). The simple
 > approach of limiting the number of onions seems like it would indirectly
 > limit the number of circuits, but reading the above question I'm suddenly
 > having doubts. (How quickly can Tor Browser cause more circuits to be made
 > by continually retrying just one onion that is failing to rendezvous?)

 I opened #25609 to investigate the issue presented in the last parenthesis
 of this post. It's important because if an attacker can cause Tor to make
 many circuits by continuously retrying a broken onion, this can bypass any
 sort of origin rate-limiting defense.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20212#comment:14>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

