[tor-relays] [Important] Update on an upcoming German broadcasting story about Tor/Onion Services
Roger Dingledine
arma at torproject.org
Tue Sep 17 03:57:41 UTC 2024
On Mon, Sep 16, 2024 at 08:17:25PM +0000, pasture_clubbed242--- via tor-relays wrote:
> Something I always found confusing is what the difference is between the Vanguards Github project, and the version of Vanguards that Tor has implemented. I thought Vanguards was added into Tor no? Is the Vanguards project still useful despite this?
>
> I'm not sure if this spec is the exact implementation or a recommendation for an external plugin.
> https://spec.torproject.org/vanguards-spec/full-vanguards.html
> I have also seen other mentions of an implementation elsewhere.
The "full" vanguards design includes other changes to how Tor handles
edge cases and unexpected circuit/stream behavior which might be able to
be used as a side channel, but the main tradeoff is that it slows down
your circuits. You have to run it alongside your Tor, as a controller,
which means it is not for "end" users. You can read about it on this
blog post:
https://blog.torproject.org/announcing-vanguards-add-onion-services/
Whereas the "lite" design is a subset of the full design, which we built
into C-Tor back in 2021-2022 when it became clear that some of these guard
discovery attacks we worried about might actually be more practical than
first thought. You can read about vanguards-lite in Proposal 333:
https://gitlab.torproject.org/tpo/core/torspec/-/blob/main/proposals/333-vanguards-lite.md
and you can read one of the motivations for it in this research paper:
https://petsymposium.org/popets/2022/popets-2022-0026.pdf
And lastly, there is a great explanation of both variations of vanguards
in this blog post talking about adding them to Arti:
https://blog.torproject.org/announcing-vanguards-for-arti/
--Roger
More information about the tor-relays
mailing list