In https://lists.torproject.org/pipermail/tor-dev/2012-March/003347.html, some dude who claims to be a raccoon proved that tagging attacks are an amplification attack that allow an adversary who has c/n of the network bandwidth to compromise of c/n of all circuits through the network.
The tagging attack he describes is actually a subset of path bias attacks we've known about for a long time. Tagging is just a particularly nasty one that also allows for a level of amplification that we previously were not aware of.
This ticket is to serve as the parent ticket for several things we can do to improve the situation and defend against tagging in specific or path bias in general.
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Child items
0
Show closed items
No child items are currently assigned. Use child items to break down this issue into smaller parts.
Linked items
0
Link issues together to show that they're related.
Learn more.
Assigning this to sponsor Z, since it needs a Tor milestone. I'd like to get fixes into 0.2.3.x, except for the stuff that requires heavy research, which should target 0.2.4.x.
Trac: Milestone: N/Ato Sponsor Z: November 1, 2013
Some of these should probably be cleaned up/removed. Maybe in the process we should use a keyword rather than this parent ticket.
To more directly answer your question, the only thing I'm aiming to get into 0.2.4.x at this point is #7802 (moved) (which looks like it isn't even a child here, but maybe should be?).
Don't worry, I've been prioritizing tor-core deadlines higher than the remote code exec deadline of Firefox 10ESR. #7802 (moved) will take priority over any Firefox bugs from now till that deadline. Hope everyone has their fingers crossed. It's gonna be a close one :).
The parent of #7802 (moved) is already occupied though. That's the main reason I think we might want to switch to tags for these.
Actually, since both deadlines are set in stone, I think #5956 (moved) is more important than Firefox 10ESR EOL at this point too (now that we have directory guards).
The good news though is that I think our 17ESR patches+Torbutton 1.5 is in a position to build a TBB alpha right now, so that may carry us for long enough with testing for me to get these two done. If not, I guess it a working 17ESR TBB-alpha just waits another week for me to do these two.
This parent ticket is tagged SponsorZ, but it looks like progress on most open children stalled over a year ago and the two more-recently improved tickets (9001, 7003) might be being addressed under other proposals and work.
Should this still be an open SponsorZ ticket?
Trac: Reviewer: N/AtoN/A Sponsor: N/AtoN/A Severity: N/Ato Normal