Opened 3 years ago

Last modified 12 months ago

#25574 new defect

Eliminate "silent-drop" side channels in Tor protocol

Reported by: mikeperry Owned by:
Priority: Medium Milestone: Tor: unspecified
Component: Core Tor/Tor Version:
Severity: Normal Keywords: guard-discovery-stats
Cc: dmr Actual Points:
Parent ID: Points: 10-30
Reviewer: Sponsor:

Description (last modified by dmr)

There are lots of ways to inject data into Tor streams, and this is a vector of attack for guard discovery and confirmation ("DropMark" attack):

I have a branch that tries to eliminate a pile of these from a while ago, but it has lots of false positives due to the common occurrence of invalid stream IDs in practice (see #25573).

I think we may want to do #25573 before trying to merge that branch.

Child Tickets

#25573 (closed): Track half-closed stream IDs (Core Tor/Tor)

Change History (10)

comment:1 Changed 3 years ago by nickm

I really want to ask for a proposal on this -- if only a formal list of the stuff you want to change here.

comment:2 Changed 2 years ago by dmr

Cc: dmr added

comment:3 Changed 2 years ago by asn

Milestone: Tor: unspecified

comment:4 Changed 2 years ago by dmr

Description: modified

Adding parenthetical to tie that term 'DropMark' to the paper (it might not otherwise be obvious by context).

comment:5 Changed 21 months ago by mikeperry

Points: 30

comment:6 Changed 21 months ago by mikeperry

Points: 30 → 10-30

comment:7 Changed 20 months ago by cypherpunks

there are lots of ways to do it, but the dropmark paper says:

We used relay drop cells because they do not raise any log message.

why is that?

i found some history:

Once-upon-a-time DROP cells were getting logged. Roger //'ed it out in '06 cause it was "loud":

(:thinkingface: how was that "loud"? was anything besides attackers sending DROP cells in 2006?)

mikeperry replaced the //'ed log line with return 0 in 2018:

But even if tor had no silent drops, relays could still embed timing signals like Jann Horn demonstrates here: ;a=blob;f=README (what ticket number is that?)

Last edited 12 months ago by cypherpunks
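A worked illustration of the two points raised in the description and in comment 7, added here and not code from Tor or from any commenter: a hypothetical per-circuit model that classifies inbound relay cells, counting the ones that match no stream (or are RELAY_DROP) instead of ignoring them silently, and showing why remembering half-closed stream IDs (#25573) is needed to keep that counter from firing on benign late data. All struct and function names, the stream-ID-0 convention used for DROP here, and the trace are assumptions.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical model (not Tor's own code): a circuit keeps its open stream
 * IDs, the IDs it has half-closed (we sent END, peer data may still be in
 * flight, cf. #25573), and a count of cells matching neither. */
#define MAX_STREAMS 16
enum cell_class { CELL_OK, CELL_LATE_HALF_CLOSED, CELL_UNEXPECTED };
struct circ_state {
  uint16_t open[MAX_STREAMS], half_closed[MAX_STREAMS];
  unsigned n_open, n_half, unexpected; /* unexpected: no stream, or DROP */
};

static bool has_id(const uint16_t *ids, unsigned n, uint16_t id) {
  for (unsigned i = 0; i < n; i++) if (ids[i] == id) return true;
  return false;
}
void circ_open_stream(struct circ_state *c, uint16_t id) {
  if (c->n_open < MAX_STREAMS) c->open[c->n_open++] = id;
}
/* Our side ended the stream: remember the ID instead of forgetting it. */
void circ_half_close(struct circ_state *c, uint16_t id) {
  for (unsigned i = 0; i < c->n_open; i++) {
    if (c->open[i] != id) continue;
    c->open[i] = c->open[--c->n_open];
    if (c->n_half < MAX_STREAMS) c->half_closed[c->n_half++] = id;
    return;
  }
}
/* Classify one inbound relay cell. is_drop marks RELAY_DROP (stream 0). */
enum cell_class circ_classify(struct circ_state *c, uint16_t stream_id,
                              bool is_drop, bool track_half_closed) {
  if (!is_drop && has_id(c->open, c->n_open, stream_id)) return CELL_OK;
  if (!is_drop && track_half_closed &&
      has_id(c->half_closed, c->n_half, stream_id))
    return CELL_LATE_HALF_CLOSED; /* benign: data was already in flight */
  c->unexpected++;                /* candidate for a log line or counter */
  return CELL_UNEXPECTED;
}
/* Constructed trace; returns how many cells the relay would flag. */
unsigned run_trace(bool track_half_closed) {
  struct circ_state c; memset(&c, 0, sizeof c);
  circ_open_stream(&c, 1); circ_open_stream(&c, 2);
  circ_half_close(&c, 1);                         /* we sent END on 1 */
  circ_classify(&c, 2, false, track_half_closed); /* normal data on 2 */
  circ_classify(&c, 1, false, track_half_closed); /* late data on 1 */
  circ_classify(&c, 7, false, track_half_closed); /* never-opened stream */
  circ_classify(&c, 0, true, track_half_closed);  /* RELAY_DROP */
  return c.unexpected; /* 2 with tracking, 3 without */
}
```

Without half-closed tracking the late cell on stream 1 is indistinguishable from the never-opened stream 7, which is the false-positive problem the description mentions.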

comment:8 Changed 17 months ago by gaba

Removing sponsor V as we do not have more time to include these tickets in the sponsor.

comment:9 Changed 17 months ago by gaba

Sponsor: SponsorV-can

Removing sponsor from tickets that we do not have time to fit in the remainder of this sponsorship.

comment:10 Changed 13 months ago by cypherpunks

Could someone please update Tor's threat model to clarify that Tor cannot (and has no plans to ever be able to) protect against adversaries who control both the first and last hops of a circuit?

Last edited 12 months ago by cypherpunks