Re: [tor-dev] Setting NumEntryGuards=2

On 2018-03-26 20:34, Mike Perry wrote: Florentin Rochet: On 2018-03-20 04:57, Mike Perry wrote: Arguments for staying with just one guard: 1. One guard means less observability. As Roger put it in the above blog post: "I think the analysis of the network-level adversary in Aaron's paper is

Re: [tor-dev] Setting NumEntryGuards=2

Mike Perry writes: > [ text/plain ] > Back in 2014, Tor moved from three guard nodes to one guard node: > https://blog.torproject.org/improving-tors-anonymity-changing-guard-parameters > https://trac.torproject.org/projects/tor/ticket/12206 > > We made this change

Re: [tor-dev] Setting NumEntryGuards=2

Florentin Rochet: > On 2018-03-20 04:57, Mike Perry wrote: > > > >Arguments for staying with just one guard: > > > >1. One guard means less observability. > > > >As Roger put it in the above blog post: "I think the analysis of the > >network-level adversary in Aaron's paper is the strongest

Re: [tor-dev] Setting NumEntryGuards=2

Mike Perry: > David Goulet: > > On 22 Mar (13:46:36), George Kadianakis wrote: > > > Mike Perry writes: > > > > > > > Arguments in favor of switching to two entry guards: > > > > > > > > 1. One guard allows course-grained netflow confirmation attacks > > > > > > > > The

Re: [tor-dev] Setting NumEntryGuards=2

On 22 Mar (17:13:40), Mike Perry wrote: > David Goulet: > > On 22 Mar (13:46:36), George Kadianakis wrote: > > > Mike Perry writes: > > > > > > > Arguments in favor of switching to two entry guards: > > > > > > > > 1. One guard allows course-grained netflow confirmation

Re: [tor-dev] Setting NumEntryGuards=2

On Thu, Mar 22, 2018 at 1:13 PM, Mike Perry wrote: > I strongly disagree. Dumping more traffic onto an already existing, > otherwise in-use connection is not the same as the ability to force a > new connection that is only used for a single request at a very specific >

Re: [tor-dev] Setting NumEntryGuards=2

George Kadianakis: > David Goulet writes: > > On 22 Mar (13:46:36), George Kadianakis wrote: > >> Mike Perry writes: > >> > Roger suggested that I enumerate the pros and cons of this increase on > >> > this mailing list, so we can discuss and

Re: [tor-dev] Setting NumEntryGuards=2

David Goulet: > On 22 Mar (13:46:36), George Kadianakis wrote: > > Mike Perry writes: > > > > > Arguments in favor of switching to two entry guards: > > > > > > 1. One guard allows course-grained netflow confirmation attacks > > > > > > The counterargument based on

Re: [tor-dev] Setting NumEntryGuards=2

David Goulet writes: > [ text/plain ] > On 22 Mar (13:46:36), George Kadianakis wrote: >> Mike Perry writes: >> >> > [ text/plain ] >> > Back in 2014, Tor moved from three guard nodes to one guard node: >> >

Re: [tor-dev] Setting NumEntryGuards=2

On 22 Mar (13:46:36), George Kadianakis wrote: > Mike Perry writes: > > > [ text/plain ] > > Back in 2014, Tor moved from three guard nodes to one guard node: > > https://blog.torproject.org/improving-tors-anonymity-changing-guard-parameters > >

Re: [tor-dev] Setting NumEntryGuards=2

Mike Perry writes: > [ text/plain ] > Back in 2014, Tor moved from three guard nodes to one guard node: > https://blog.torproject.org/improving-tors-anonymity-changing-guard-parameters > https://trac.torproject.org/projects/tor/ticket/12206 > > We made this change

Re: [tor-dev] Setting NumEntryGuards=2

Hello, Thank you for this great summary :) On 2018-03-20 04:57, Mike Perry wrote: Arguments for staying with just one guard: 1. One guard means less observability. As Roger put it in the above blog post: "I think the analysis of the network-level adversary in Aaron's paper is the strongest

Re: [tor-dev] Setting NumEntryGuards=2

Mike Perry: > 2. Guard fingerprintability is lower with one guard > An adversary who is watching netflow connection records for an entire > area is able to track users as they move from internet connection to > internet connection through the degree of uniqueness of their guard > choice. There is