[tor-bugs] #25574 [Core Tor/Tor]: Eliminate "silent-drop" side channels in Tor protocol

Tor Bug Tracker & Wiki blackhole at torproject.org
Fri Feb 22 16:54:53 UTC 2019


#25574: Eliminate "silent-drop" side channels in Tor protocol
-----------------------------------+----------------------------------
 Reporter:  mikeperry              |          Owner:  (none)
     Type:  defect                 |         Status:  new
 Priority:  Medium                 |      Milestone:  Tor: unspecified
Component:  Core Tor/Tor           |        Version:
 Severity:  Normal                 |     Resolution:
 Keywords:  guard-discovery-stats  |  Actual Points:
Parent ID:                         |         Points:  10-30
 Reviewer:                         |        Sponsor:  SponsorV-can
-----------------------------------+----------------------------------

Comment (by cypherpunks):

 there are lots of ways to do it, but the dropmark paper says:

 > We used relay drop cells because they do not raise any log message.


 why is that?

 i found some history:

 Once-upon-a-time DROP cells **were** getting logged. Roger `//`'ed it out
 in '06 cause it was "loud":
 https://gitweb.torproject.org/tor.git/commit/?id=9bc8d69dfc4ddda5a9c8478b1f1e04490845ded0

 (:thinkingface: how was that "loud"? was anything besides attackers
 sending DROP cells in 2006?)

 mikeperry replaced the `//`'ed log line with `return 0` in 2018:
 https://gitweb.torproject.org/tor.git/commit/?id=7be71903daff042e606e7a8445a6359100c9f8f5

 But even if tor had no silent drops, relays could still embed timing
 signals like Jann Horn demonstrates here:
 https://var.thejh.net/git/?p=detour.git;a=blob;f=README (what ticket
 number is that?)

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25574#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

