[or-cvs] add a changelog for

Paul Syverson syverson at itd.nrl.navy.mil
Fri Apr 8 12:43:40 UTC 2005

On Fri, Apr 08, 2005 at 02:16:40AM -0400, Roger Dingledine wrote:
> +    - Start sending 'truncated' cells back rather than destroy cells,
> +      if the circuit closes in front of you. This means we won't have
> +      to abandon partially built circuits.
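
Review bot: The second sentence of this entry ("This means we won't have to abandon partially built circuits") says what is gained but not what a client may do with a circuit once it receives a 'truncated' cell. Suggest stating whether the client re-extends from the truncation point, whether there is a limit on how often, and whether this applies after data has been sent on the circuit. "In front of you" would also read more clearly if it named the direction (toward the exit or toward the client).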

I thought we decided a few years ago that this would be a bad idea.
E.g., if an entry or middle node (from some cabal of evil nodes)
decides that something about a circuit looks interesting it can cause
a truncated circuit and, when it is re-extended, increase the
probability that the cabal owns or observes the exit too. All the
worse if this can be done repeatedly for a single circuit or if
Tor clients can choose to simply exit from the point of truncation.

The client might allow use of this circuit if only circuit building
has happened so far on the circuit. Two counters to
that. 1. Presumably it removes most of the advantage that was desired
since the number of times that this would happen after a circuit was
successfully extended but before anything was sent would be both rare
and minimally advantageous over just building a new circuit.  2. Even
in this limited form, it is a bit worse than the attack that we now
live with of an evil node just selectively refusing to extend to an
honest node sometimes. Now an evil first node can see if the circuit
extends past a middle node to an evil third node (exit in our current
default). If not, it can truncate before the handshake from the third
node goes back to the client.

The attacks are significant but not devastating I think. If a compelling
tradeoff argument exists we could allow this as an option, but it would
need to be pretty compelling.
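
The following is an added example, not part of the original message or of Tor's code: a small model of the risk described above, comparing a circuit that is never re-extended with one where a cabal entry node can force re-extension until the exit is also in the cabal. Assumptions (not from the message): each hop is picked independently and uniformly, a fraction `c` of relays belong to the cabal, a circuit counts as compromised when both entry and exit are cabal nodes, and the client allows at most `retries` re-extensions; selective refusal to extend is not modelled.

```python
import random


def closed_form(c, retries):
    """P(entry and exit both in the cabal) under the model's assumptions.

    retries=0 is the baseline: the circuit is built once and never re-extended.
    With retries=k, a cabal entry gets k+1 chances at a cabal exit.
    """
    return c * (1 - (1 - c) ** (retries + 1))


def simulate(c, retries, trials=200_000, seed=1):
    """Monte Carlo estimate of the same probability (seeded, so repeatable)."""
    rng = random.Random(seed)
    compromised = 0
    for _ in range(trials):
        entry_evil = rng.random() < c
        exit_evil = rng.random() < c  # exit chosen on the first build
        attempts = 0
        # An honest entry never truncates. A cabal entry truncates whenever
        # the exit is not a cabal node, and the client re-extends from it.
        # The middle hop does not affect the outcome in this model.
        while entry_evil and not exit_evil and attempts < retries:
            exit_evil = rng.random() < c
            attempts += 1
        compromised += entry_evil and exit_evil
    return compromised / trials


if __name__ == "__main__":
    c = 0.10  # constructed value: 10% of relays in the cabal
    print(f"{'retries':>7}  {'closed form':>11}  {'simulated':>9}")
    for k in (0, 1, 3, 10, 50):
        print(f"{k:>7}  {closed_form(c, k):>11.4f}  {simulate(c, k):>9.4f}")
```

With unlimited re-extension the compromise probability rises from c² toward c, which is why a cap on re-extensions per circuit matters if truncation is allowed at all.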

