Opened 7 months ago

Closed 5 months ago

Last modified 5 months ago

#25545 closed defect (fixed)

Figure out default vanguard script parameters

Reported by: asn Owned by: asn
Priority: Medium Milestone: Tor: 0.3.4.x-final
Component: Core Tor/Tor Version:
Severity: Normal Keywords: tor-guard, guard-discovery, 034-roadmap-master, 034-triage-20180328, 034-included-20180328
Cc: mikeperry Actual Points:
Parent ID: Points:
Reviewer: mikeperry Sponsor: SponsorV

Description

We should run our vanguard security simulator to figure out good values for the default number of guards in each guard layer so that security is good and performance is also reasonable.

This is a master ticket for our roadmap.

Child Tickets

Change History (10)

comment:1 Changed 7 months ago by nickm

Keywords: 034-roadmap-master added

comment:2 Changed 7 months ago by nickm

Milestone: Tor: 0.3.4.x-final

comment:3 Changed 7 months ago by nickm

Keywords: 034-triage-20180328 added

comment:4 Changed 7 months ago by nickm

Keywords: 034-included-20180328 added

comment:5 Changed 7 months ago by asn

Hello, I just pushed a first draft of the vanguard simulator in: https://github.com/asn-d6/vanguard_simulator

Mike, if you want, check it out and let me know if it works for you.

I plan to work more on it next week and try to get some useful data.

comment:6 Changed 6 months ago by asn

Hey Mike, where are we here? Which particular topologies are you considering lately? Anything I can do with the simulator? How can we analyze next?

comment:7 Changed 5 months ago by dgoulet

Owner: set to asn
Status: newassigned

Assigning Owner to lead this. Feel free to change it but lets avoid having it empty.

comment:8 Changed 5 months ago by asn

Resolution: fixed
Status: assignedclosed

Posted my analysis of vanguard topologies here: https://github.com/asn-d6/vanguard_simulator/wiki/Optimizing-vanguard-topologies

It's pretty much in-line with the analysis that Mike has done.

I'm hence closing this deliverable item, and let's discuss more in the future as part of the vanguard project.

comment:9 Changed 5 months ago by mikeperry

I have a quick observation here: If I am understanding the source right, the pwnage time to compromise L2 is chosen for each relay in L2. These times come from the adversary model.

Since these times come from a probability distribution, the more times we sample it (for more L2 guards), the more likely we are to get a lower value for time-to-compromise for that layer. I suppose this reflects reality somewhat. The more L2 guards there are, the more likely you're able to get to one of them faster than the others.

Anyway I agree with the ultimate conclusion of your doc. I will get vanguards into a state that we can run a bunch of onionperf instances with it and compare 2-3-8 and 2-4-8 there.

comment:10 in reply to:  9 Changed 5 months ago by asn

Replying to mikeperry:

I have a quick observation here: If I am understanding the source right, the pwnage time to compromise L2 is chosen for each relay in L2. These times come from the adversary model.

Since these times come from a probability distribution, the more times we sample it (for more L2 guards), the more likely we are to get a lower value for time-to-compromise for that layer. I suppose this reflects reality somewhat. The more L2 guards there are, the more likely you're able to get to one of them faster than the others.

Yep, I also think that's normal.

Anyway I agree with the ultimate conclusion of your doc. I will get vanguards into a state that we can run a bunch of onionperf instances with it and compare 2-3-8 and 2-4-8 there.

Sounds great.

If we have no time for careful analysis here, we can also just launch with 2-3-8 and depending on how that goes see if we want to bump it up to 2-4-8.

Note: See TracTickets for help on using tickets.