Guard nodes (was: Re: [or-cvs] r13101)

Roger Dingledine arma at
Fri Jan 11 14:20:24 UTC 2008

On Fri, Jan 11, 2008 at 09:00:21AM -0500, Paul Syverson wrote:
> > Though a correlation attack to identify guards and an active attack to
> > knock them down would shorten the interval.
> Lasse and I talked about this in our Oakland 96 paper where we
> introduced the attack and the guard node response. We had experiments
> on the then Tor network rather than analytic results however. This was
> the motivation for the layered guard node design we presented
> (something I don't think is worth pursuing implementing without more
> study of several aspects.)

Yeah. I've actually been thinking about layered guards nodes with respect
to bridge relays. Right now a bridge user uses the bridge relays as his
entry guards, which means he could connect to any next hop from them.
But a) that makes his connections distinguishable from the connections
initiated by the bridge relay; and b) that means that bridge relays are
easier to enumerate, by an attacker who runs a few fast Tor servers and
sees who connects.

See also Section 3.8 of
for an alternate phrasing of this issue.

> > But yes, I still make the basic assumption that there exists a statistical
> > attack that's good enough with just a single request -- even if we
> > haven't discovered it quite yet.

> Sorry. Do you mean an attack that is statistical but where the
> probability is practically speaking high enough for an effective
> attack after a single request? If you mean an attack that
> deterministically works with a single request, I can't understand how
> the latter could be called "statistical".

I meant the former. Or something like it. ;)


More information about the tor-dev mailing list