[tor-bugs] #33421 [Metrics/Onionperf]: Track which Guard is used for experimental measurements
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Jun 4 10:59:53 UTC 2020
#33421: Track which Guard is used for experimental measurements
---------------------------------------+-----------------------------------
Reporter: acute | Owner: metrics-team
Type: enhancement | Status: needs_information
Priority: Medium | Milestone:
Component: Metrics/Onionperf | Version:
Severity: Normal | Resolution:
Keywords: metrics-team-roadmap-2020 | Actual Points:
Parent ID: #33321 | Points: 3
Reviewer: | Sponsor: Sponsor59-must
---------------------------------------+-----------------------------------
Comment (by mikeperry):
Thank you for your attention to detail on this, acute!
This is true. The dark secret of the One Guard Revolution is that it
didn't make Tor use only one guard, and never can. Tor must fall back to a
second guard due to path restrictions and other failure cases, some of
which can be controlled by the adversary to aid traffic analysis attacks.
In practice, this happens when:
1. The Exit (which is chosen first) is the same /24 or Family as the Guard
2. The adversary chooses a RP in the same /24 or family as the Guard of an
onion service, to more easily attack that service with traffic analysis
3. The IP used by a circuit is in the same /24 or family as the main guard
4. The HSDIR is in the same /24 or family as the main guard
5. When the main Guard's TLS connection is closed a few times because of
bad connectivity
6. Probably some other cases no one remembers or even knows of
Tor is not so good at these edge cases and probably never will be.
But that's not really relevant to this ticket.
Even if we give up on the One Guard Revolution and always use two guards,
we should still track which guard was used for a circuit in onionperf, so
that we can filter on the performance seen via different kinds of guards
(as per tools for #33327).
This will help with all kinds of analysis, including determining if and
when a third guard is used (to find more instances of `#6`), and measuring
the balance between the two main guards otherwise.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33421#comment:8>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list