[tor-bugs] #10969 [Core Tor/Tor]: Set of guard nodes can act as a linkability fingerprint
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Feb 20 09:09:55 UTC 2017
#10969: Set of guard nodes can act as a linkability fingerprint
-------------------------------------------------+-------------------------
 Reporter:   asn                                 | Owner:         mikeperry
 Type:       defect                              | Status:        assigned
 Priority:   High                                | Milestone:     Tor: unspecified
 Component:  Core Tor/Tor                        | Version:
 Severity:   Normal                              | Resolution:
 Keywords:   tor-client, tor-guard,              | Actual Points:
             026-triaged-1, XKEYSCORE, prop259,  |
             SponsorU-deferred,                  |
             tor-03-unspecified-201612           |
 Parent ID:  #11480                              | Points:        large
 Reviewer:                                       | Sponsor:
-------------------------------------------------+-------------------------
Comment (by asn):
Replying to [comment:30 teor]:
> Has the new guard design in 0.3.0 fixed this issue?
> Has switching to one entry guard fixed this issue?
Hey teor,

switching to one entry guard slightly improved the situation, but did not
fix the issue. The new guard design did not fix the issue either.

An adversary who monitors your connection enough to be able to derive the
first few elements of your guard list can use that info to track you down.
This is even easier since currently we use multiple directory guards,
which means that we easily leak the first 3 positions in our guard list
(see `DFLT_N_PRIMARY_DIR_GUARDS_TO_USE`) (see #21006).

Even with 1 directory guard, an adversary could get glimpses into your
guard list when your guards are down, or when he kills your connections to
them. To completely solve this issue we would need to use guard sets or
some other wacky solution
(http://www.homepages.ucl.ac.uk/~ucabaye/papers/guard_sets_for_onion_routing.pdf).
We are pretty far away from this happening.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/10969#comment:31>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
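
An added illustration, not part of asn's comment or of Tor's code: a small simulation of why exposing the first 3 guard positions identifies a client far more than exposing 1. The client count, guard count, skewed weights and the sampling routine are constructed assumptions, not consensus data or Tor's actual guard selection.

```python
import random
from collections import Counter

def sample_guards(rng, weights, k):
    """Pick k distinct guards, weighted, without replacement.
    Assumption: a simplified stand-in for Tor's bandwidth-weighted sampling."""
    ids = list(range(len(weights)))
    w = list(weights)
    picked = []
    for _ in range(k):
        i = rng.choices(range(len(ids)), weights=w)[0]
        picked.append(ids.pop(i))
        w.pop(i)
    return frozenset(picked)

def unique_fraction(num_clients, num_guards, k, seed=0):
    """Fraction of clients whose first-k guard set matches no other client."""
    rng = random.Random(seed)
    # Constructed, skewed weights (guard i gets weight 1/(i+1)); not consensus data.
    weights = [1.0 / (i + 1) for i in range(num_guards)]
    sets = [sample_guards(rng, weights, k) for _ in range(num_clients)]
    counts = Counter(sets)
    return sum(1 for s in sets if counts[s] == 1) / num_clients

if __name__ == "__main__":
    # Compare one exposed guard position with three exposed positions.
    for k in (1, 3):
        frac = unique_fraction(num_clients=2000, num_guards=200, k=k)
        print(f"k={k}: {frac:.1%} of clients have a unique guard set")
```

Under these assumptions a single exposed guard leaves almost every client hidden among others who share it, while three exposed guards make most clients unique in the population.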