[tor-dev] Proposal 302: Hiding onion service clients using WTF-PAD

George Kadianakis desnacked at riseup.net
Mon May 20 14:35:02 UTC 2019

Tom Ritter <tom at ritter.vg> writes:

> On Thu, 16 May 2019 at 11:20, George Kadianakis <desnacked at riseup.net> wrote:
>>     3) Duration of Activity ("DoA")
>>       The USENIX paper uses the period of time during which circuits send and
>>       receive cells to distinguish circuit types. For example, client-side
>>       introduction circuits are really short lived, wheras service-side
>>       introduction circuits are very long lived. OTOH, rendezvous circuits have
>>       the same median lifetime as general Tor circuits which is 10 minutes.
>>       We use WTF-PAD to destroy this feature of client-side introduction
>>       circuits by setting a special WTF-PAD option, which keeps the circuits
>>       open for 10 minutes completely mimicking the DoA of general Tor circuits.
> 10 minutes exactly; or a median of 10 minutes?  Wouldn't 10 minutes
> exactly be a near-perfect distinguisher? And if it's a median of 10
> minutes, do we know if it follows a normal distribution/what is the
> shape of the distribution to mimic?

Oops, you are right, Tom.

It's not 10 minutes exactly. The right thing to say is that it's a median
of 10 minutes, altho I'm not entirely sure of the exact distribution.

These circuits basically now follow the MaxCircuitDirtiness
configuration like general circuits, and it gets orchestrated by
circuit_expire_old_circuits_clientside(). Not sure if it's in a spec

I will update the spec soon with the fix. Thanks!

More information about the tor-dev mailing list