Opened 18 months ago

Closed 5 months ago

Last modified 5 months ago

#22958 closed defect (fixed)

Update website FAQ about padding defenses

Reported by: asn Owned by: traumschule
Priority: Medium Milestone: website redesign
Component: Webpages/Website Version:
Severity: Normal Keywords: website, website-content, FAQ
Cc: mikeperry Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Someone in the blog pointed out that our FAQ is quite negative towards padding, even tho the latest tor actually does send netflow padding: https://blog.torproject.org/comment/269842#comment-269842

We should probs update the FAQ to avoid spreading confusion:
https://www.torproject.org/docs/faq.html.en#SendPadding

Child Tickets

Change History (9)

comment:1 Changed 18 months ago by hiro

Keywords: website-content added

comment:2 Changed 14 months ago by hiro

Milestone: website redesign

comment:3 Changed 5 months ago by traumschule

Keywords: FAQ added

comment:4 Changed 5 months ago by traumschule

Owner: set to traumschule
Status: newassigned

I am about to create a PR based on below information, please tell if relevant info is missing.

The FAQ mentions padding at two locations and needs to be updated:

  • You should split each connection over many paths.
  • You should send padding so it's more secure.

The blog post mentions:

  • "As part of the security discussion, we talked about the new padding defenses that were recently added to Tor and provide cover to Tor circuits against traffic analysis. We made plans for future padding techniques and defenses."

A comment clarifies:

  • Note that it's just netflow padding to collapse netflow records, it's not the type of expensive padding that the FAQ addresses, but yes the FAQ should be tweaked a bit.

It was also announced on tor-dev: https://lists.torproject.org/pipermail/tor-dev/2015-August/009326.html

Trying to summarize ticket #16861 linked in the blog:

  • Now tor "sends padding on a client's Tor connection bidirectionally at a random interval that we can control from the consensus, with a default of 4s-14s."
  • "padding approaches, with the goal of stymying some of the potential traffic analysis attacks out there -- website fingerprinting, end-to-end correlation, and the things in between. Padding between the guard and the client is especially appealing because a) it looks like it can provide pretty good mileage, and also b) I expect that we'd have an easier time raising more capacity at guards (compared to exits) if we publicize the reason why we need it." (comment:6:ticket:16861)
  • send at least one cell on a connection every 15s
  • the netflow defense only sends padding if the connection is idle

I stopped digging deeper but it might be enough to add this to the faq.

For details we could also link https://www.freehaven.net/anonbib/bibtex.html with several publications on padding.

comment:5 Changed 5 months ago by traumschule

Status: assignedneeds_review

comment:6 Changed 5 months ago by asn

Status: needs_reviewmerge_ready

Thanks for the fixes here.

I made some minor edits in my own PR as a fixup commit: https://github.com/torproject/webwml/pull/24

In particular I fixed a broken anchor link, and a trivial word change.

I think my branch is ready to be merged upstream.

comment:7 Changed 5 months ago by asn

Resolution: fixed
Status: merge_readyclosed

Seems like this branch got merged to the FAQ yesterday but no updates on the ticket.
Closing this ticket.

comment:8 Changed 5 months ago by traumschule

now your changes are not merged?

comment:9 Changed 5 months ago by asn

It's ok the missing anchor link did not make it to the actual website for some reason.
And the 'stymying' word might be ok until someone complains ;)

Note: See TracTickets for help on using tickets.