[tor-bugs] #13838 [Tor]: Potential HS guard discovery using bw stats

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Nov 25 11:42:15 UTC 2014


#13838: Potential HS guard discovery using bw stats
--------------------+------------------------------------
 Reporter:  asn     |          Owner:
     Type:  defect  |         Status:  new
 Priority:  normal  |      Milestone:  Tor: 0.2.6.x-final
Component:  Tor     |        Version:
 Keywords:  tor-hs  |  Actual Points:
Parent ID:          |         Points:
--------------------+------------------------------------
 Bandwidth stats are included in extra-info descriptor for 15 minute
 intervals.
 This allows an attacker to do a guard discovery attack, by modulating
 traffic he sends to an HS every 15 minutes and then checking all the relay
 stats to see which one matches the modulation.

 It was mentioned by Aaron here:
 https://lists.torproject.org/pipermail/tor-dev/2014-November/007829.html

 It's clear we need to increase the reporting period, so that the
 modulation is hidden inside the noise of unrelated traffic. We should
 probably increase the reporting period to every 6-12 hours or a full day.
 Is something using the 15-minute interval measurements that would break if
 we decreased the reporting frequency?

 Also, is this a sufficient fix or do we need to do more?

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13838>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list