[tor-bugs] #13838 [Tor]: Potential HS guard discovery using bw stats
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Nov 25 11:42:15 UTC 2014
#13838: Potential HS guard discovery using bw stats
--------------------+------------------------------------
Reporter: asn | Owner:
Type: defect | Status: new
Priority: normal | Milestone: Tor: 0.2.6.x-final
Component: Tor | Version:
Keywords: tor-hs | Actual Points:
Parent ID: | Points:
--------------------+------------------------------------
Bandwidth stats are included in extra-info descriptor for 15 minute
intervals.
This allows an attacker to do a guard discovery attack, by modulating
traffic he sends to an HS every 15 minutes and then checking all the relay
stats to see which one matches the modulation.
It was mentioned by Aaron here:
https://lists.torproject.org/pipermail/tor-dev/2014-November/007829.html
It's clear we need to increase the reporting period, so that the
modulation is hidden inside the noise of unrelated traffic. We should
probably increase the reporting period to every 6-12 hours or a full day.
Is something using the 15-minute interval measurements that would break if
we decreased the reporting frequency?
Also, is this a sufficient fix or do we need to do more?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13838>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list