#23641: prop224: Fake client auth lines do not actually provide obfuscation ----------------------------+------------------------------------ Reporter: asn | Owner: (none) Type: defect | Status: new Priority: Medium | Milestone: Tor: 0.3.2.x-final Component: Core Tor/Tor | Version: Tor: 0.3.2.1-alpha Severity: Normal | Resolution: Keywords: prop224 tor-hs | Actual Points: Parent ID: | Points: Reviewer: | Sponsor: ----------------------------+------------------------------------
Comment (by dgoulet): Replying to [comment:3 asn]: > Replying to [comment:1 nickm]: > > One thing that these fake lines do hide is the _number_ of real auth- client lines? > > That's true. We should probably continue adding fake lines if auth is actually enabled. > But they offer nothing if auth is disabled. Is it really true for (a) here? We do padding by multiple of 10k bytes so if the normal descriptor is lets say 23k, it is padded to 30k. But if client auth is enabled, it could go to something like 32k thus 40k padded. If I don't have an onion address for that descriptor, I can still say that "oh this descriptor here as client auth" just because the size compared to the majority of them is different. Any descriptor diverging in size either has *many* IPs or/and client auth basically. Maybe that unknown is enough to justify not adding fake client, unsure. Thus, I kind of think having this concept of fake client for every descriptor is useful because it makes them "look all alike" in terms of size for observers who don't have the .onion. If you *do* have the .onion, the number of valid client will be obfuscated so I do see a gain for both situations? I do agree on the change of `T0N()` so we have more room for change. -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/23641#comment:4> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs