#33648: vanguards: What is the recommended value? --------------------------+---------------------------------- Reporter: cypherpunks | Owner: mikeperry Type: task | Status: assigned Priority: Medium | Milestone: Tor: unspecified Component: Core Tor/Tor | Version: Severity: Normal | Resolution: Keywords: vanguards | Actual Points: Parent ID: | Points: Reviewer: | Sponsor: --------------------------+----------------------------------
Comment (by mikeperry): Replying to [comment:8 Thernet]: > Replying to [comment:5 mikeperry]: > > Q1 - Smaller values for max circuit age may make you stand out a little. > > > "Circuit Fingerprinting Attacks: Passive Deanonymization of Tor Hidden Service" > ISBN 978-1-939133-11-3 > > {{{ > First, all circuits should have **similar lifetime**. > Client IP and hidden service IP lasts either a **very short or very long time**, > and this is **very identifying**. > }}} > > Vanguards' circ_max_age_hours makes you unique. Are you sure this configurable parameter is safe to use for everyone? The max is meant to be set waaayyy beyond onion service setup times -- as in hours or days. And it is a max. If a circuit is closing for other reasons, it does not keep it open. Our circuit padding defense handles this, though. I do not think this is extremely fingerprintable, but it is noticeable at the guard in cases where your circuits do live this long and they get closed at exactly this time. It is arguable that maybe we should randomize this so we don't close on exactly this value, but it is also meant to be used as a safeguard against *really* long circuits, as in day-long or longer, since at that point intermeditate TLS connections may rotate and expose you to traffic analysis risks due to that. Note that vanguards does not attempt to conceal its presence from client, local, or guard adversaries -- it is possible for both adversaries to determine you are using the addon. This is documented in the security document: https://github.com/mikeperry- tor/vanguards/blob/master/README_SECURITY.md Search that document for vanguards for details. It is possible to tune some of those things to be less noticable, but at the end of the day, using 3 middles after your guard will be visible to your guard, unless you start spamming and try to look like a web crawler or something. Or we develop a circuit padding defense to conceal this. -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/33648#comment:9> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs