[tor-relays] How can we trust the guards?
Aeris
aeris+tor at imirhil.fr
Sun Jan 1 21:25:07 UTC 2017
> Whats the trust mechanism (if any) to ensure that the majority of guards
> are not hijacked by adversaries?
See https://blog.torproject.org/blog/lifecycle-of-a-new-relay
* You need to wait around 70d to be a fully ready guard relay consuming all
the possible bandwidth.
* Any sybil attack will be discovered even before having the guard flag at all
(8th day).
* And you have to provide a lot of bandwidth to the network to be on the top
quarter of relay to have the guard flag.
So it will be difficult for an attacker to hijack enough guard nodes to be
really dangerous.
Too costly (bandwidth), too long (70d) and too visible.
Remember too that your client use only few guards at each time and rotate them
only each 4 to 8 weeks. So even if evil guard appear, you have to wait at
least 4 weeks to be in danger if in danger at all (probability is low to peak
an evil guard at the next rotation).
And last, even if you use an evil guard node, attacker need to control an
other node (middle or exit) on one of your circuit to break anonymity.
So, evil guard nodes are not a big problem :)
Regards,
--
Aeris
Individual crypto-terrorist group self-radicalized on the digital Internet
https://imirhil.fr/
Protect your privacy, encrypt your communications
GPG : EFB74277 ECE4E222
OTR : 5769616D 2D3DAC72
https://café-vie-privée.fr/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20170101/399a24cd/attachment.sig>
More information about the tor-relays
mailing list