[tor-relays] Lots of tor relays send out sequential IP IDs; please fix that!

Roger Dingledine arma at mit.edu
Tue Apr 1 06:32:40 UTC 2014


On Mon, Mar 31, 2014 at 11:12:05PM +0200, Jann Horn wrote:
> Well, the subject line pretty much says it all: Lots of Tor relays send out
> globally sequential IP IDs, which, as far as I know, allows a remote party to
> measure how fast the relay is sending out IP packets with high precision,
> possibly making statistical attacks possible that could e.g. pinpoint the entry
> guard a user or hidden service uses.

[Please don't cross-post on multiple lists -- you will splinter the
responses.]

For extra fun, check out this paper that turns this issue into a potential
anonymity attack:
http://freehaven.net/anonbib/#tcp-tor-pets12

Their suggestion for a fix iirc was that the Linux kernel should get
fixed.

--Roger



More information about the tor-relays mailing list