Opened 20 months ago

Closed 20 months ago

Last modified 20 months ago

#24317 closed task (duplicate)

Do not use same country in the Tor circuits

Reported by: cypherpunks Owned by:
Priority: High Milestone:
Component: Core Tor/Tor Version:
Severity: Critical Keywords:
Cc: Actual Points:
Parent ID: #22339 Points:
Reviewer: Sponsor:

Description

Recently, Tor circuits often choose paths trough the same country. Paths with three relays within the same country occur frequently but should be a bad idea. This makes it easier for attackers with nation-wide power. The risk of correlation attacks should be mitigated by using relays located across different countries.

Child Tickets

Change History (3)

comment:1 Changed 20 months ago by cypherpunks

Summary: Tor circuits in the same countryDo not use same country in the Tor circuits
Type: defecttask

[US]-[US]-[US]
[US]-[US]-[UK]
[US]-[UK]-[US]

Tor SHOULD not use same country. Please fix this already.

  1. Read ExcludeNodes if exist.
  2. Build "country array".
  3. While connect to 1st, pick 1 country and delete it from country array.
  4. While connect to 2nd, instruct the 1st node to use 2nd, pick 1 country and delete it from country array.
  5. same as 4

result:
[UK]-[CN]-[RU]

comment:2 Changed 20 months ago by cypherpunks

Resolution: duplicate
Status: newclosed

GeoIP is unreliable, what if a [UK] node is actually in the [US] and you actually end up with a [US]-[US]-[US] circuit?

That said, this is a duplicate of #22339.

See #3678 for more discussion.

comment:3 Changed 20 months ago by arma

Parent ID: #22339
Note: See TracTickets for help on using tickets.