[tor-onions] Probably-stupid question about Circuit IDs
Alec Muffett
alec.muffett at gmail.com
Sat Sep 22 13:29:02 UTC 2018
Hi All,
I'm just skimming Mahrud's patch at
https://github.com/mahrud/tor/commit/a81eac6d0c0a35adc6036e736565f4a8e2f806fd
...referenced from elsewhere, and also from the blog post:
https://blog.cloudflare.com/cloudflare-onion-service/
Luckily for us, the IPv6 space is so vast that we can encode the Tor
> circuit number as an IP address in an unused range and use the Proxy
> Protocol to send it to the server. Here is an example of the header that
> our Tor daemon would insert in the connection:
...and it makes me wonder how far back up the chain of hops towards the
client, that the circuit ID is visible to a malicious relay? Is it
mostly-hidden several onion-skins down? I presume it's not trackable all
the way from the client's guard?
Am thinking about the necessary scope for a correlation attack.
-a
--
http://dropsafe.crypticide.com/aboutalecm
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-onions/attachments/20180922/65774733/attachment.html>
More information about the tor-onions
mailing list