[tor-bugs] #31653 [Core Tor/Tor]: Padding cells sent with 0ms delay cause circuit failures

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Oct 7 06:56:25 UTC 2019

#31653: Padding cells sent with 0ms delay cause circuit failures
 Reporter:  pulls                                |          Owner:
                                                 |  mikeperry
     Type:  defect                               |         Status:
                                                 |  assigned
 Priority:  Medium                               |      Milestone:  Tor:
                                                 |  0.4.2.x-final
Component:  Core Tor/Tor                         |        Version:  Tor:
 Severity:  Normal                               |     Resolution:
 Keywords:  wtf-pad circpad-researchers-want     |  Actual Points:
  042-should                                     |
Parent ID:                                       |         Points:
 Reviewer:                                       |        Sponsor:

Comment (by pulls):

 Yeah, that's not great, a delay of 0-10 ms is massive. Even worse,
 basically how timers behave becomes a function of load? Simulations based
 on unit-tests (#31788) will be harder to tweak since one should account
 for relay load as well.

 At the relay, this kind of variability may not be all that bad. Time is
 messy for classifiers and you already have a lot of natural variability at
 this end together with typically many cells going towards the client (so
 you can make a machine start to create a cell train from the early cells,
 working around some possible delay). The client-side delay is the worst I
 think, because here the natural variability is typically the time it takes
 for Firefox to queue up more GET requests.

 I think adding priority for padding timers is a good #circpad-researchers-
 want and in the meantime we can recommend that researchers working on
 defenses focus on Deep Fingerprinting, since it doesn't use time. Deep
 Fingerprinting shares architecture with Var-CNN and Tik-Tok, so it would
 be really interesting to see a defense that works on Deep Fingerprinting
 in the circpad framework but fails to the other attacks.

Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31653#comment:15>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

More information about the tor-bugs mailing list