Opened 8 weeks ago

Last modified 4 weeks ago

#29999 new project

Objective 1, Activity 2: Denial of service defences

Reported by: pili
Owned by:
Priority: Medium
Milestone: Tor: unspecified
Component: Core Tor/Tor
Version:
Severity: Normal
Keywords: tor-hs, tor-dos, network-team-roadmap-2019-Q1Q2
Cc: gaba
Actual Points:
Parent ID: #30281
Points: 36
Reviewer:
Sponsor: Sponsor27


This is the parent ticket to hold any tickets under this activity, including:

  • Reducing the number of circuits that they build over time on the Tor network
  • Providing more ways for onion service administrators to control the influx of incoming users in heavy traffic scenarios.
  • Improving our defense mechanisms by:
    • Decreasing onion service load on the Tor network, by slowing down Tor circuit creation on startup.
    • Optimizing relevant onion service functions that are called multiple times, therefore taking a lot of CPU.
    • Making it harder for adversaries to force services to rotate their introduction points.
  • Writing a Tor software change proposal for a “rendezvous approver” API that can be useful for:
    1. Rate limiting; allow at most N unauthenticated clients over a set time period
    2. Extra-conservative logic like "stop accepting connections during potential guard discovery"
    3. Limiting capacity to control server load; only allow N simultaneous clients.
    4. Protocol-tuned rules for things like Ricochet
    5. More advanced pre-rendezvous authorization
    6. Load-balancing across multiple servers running Tor onion services
  • Closing the client circuit once the INTRO1/ACK dance has been completed, decreasing load on the Tor network.

Child Tickets

Ticket | Status | Owner | Summary | Component
#15516 | assigned | dgoulet | Consider rate-limiting INTRODUCE2 cells when under load | Core Tor/Tor
#24962 | new | | Single hop onion service denial of service issues | Core Tor/Tor
#24973 | needs_information | | Tor should be more gentle when launching dozens of circuits at once | Core Tor/Tor
#26294 | assigned | asn | attacker can force intro point rotation by ddos | Core Tor/Tor
#29607 | needs_information | pidgin | 2019 Q1: Denial of service on v2 and v3 onion service | Core Tor/Tor
#30466 | assigned | neel | hs: Do not allow more than one control cell on a circuit | Core Tor/Tor

Change History (6)

comment:1 Changed 8 weeks ago by pili

Points: 15

comment:2 Changed 7 weeks ago by nickm

Milestone: Tor: unspecified

comment:3 Changed 6 weeks ago by dgoulet

Keywords: tor-hs tor-dos added

comment:4 Changed 6 weeks ago by asn

Points: 15 → 36

comment:5 Changed 5 weeks ago by asn

Parent ID: #30281

comment:6 Changed 4 weeks ago by gaba

Keywords: network-team-roadmap-2019-Q1Q2 added