[tor-bugs] #29174 [Core Tor/Tor]: Guard Node can eclipse the hidden service
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Jan 25 01:19:08 UTC 2019
#29174: Guard Node can eclipse the hidden service
-----------------------------------+------------------------------
Reporter: TBD.Chen | Owner: (none)
Type: defect | Status: new
Priority: Very High | Component: Core Tor/Tor
Version: Tor: unspecified | Severity: Critical
Keywords: guard, hidden service | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-----------------------------------+------------------------------
For the current Tor protocol, hidden services connect into Tor network
only through one Guard node (Vanguard is not running on default).
As a result, all the HS-IntroPoint circuit of the hidden service are all
using one guard.
As we all know, the HS-IntroPoint is quite special on its cell sequence,
so the malicious guard relays can drop all the incoming cells of HS-
IntroPoint until the hidden service rebuild its HS-IntroPoint circuit.
And the malicious guard can attack the new circuits again.
Because the incoming cells of HS-IntroPoint circuit (introduce1 cells) are
all droped, so the hidden services cannot be accessed by any user, and
eclipsed by its Guard relay.
This mater is appearing after reduce the number of guards to one, and if
the hidden service not run the vangard, the hidden service has the risk of
being eclipsed.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/29174>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list