Opened 6 years ago

Closed 6 years ago

#9500 closed defect (duplicate)

Bridges still Entry Guards?

Reported by: nwf Owned by:
Priority: Medium Milestone: Tor: unspecified
Component: Core Tor/Tor Version:
Severity: Keywords:
Cc: isis@… Actual Points:
Parent ID: Points:
Reviewer: Sponsor:


torspec/proposals/125-bridges.txt says

3.7. Do we need a second layer of entry guards?

  If the bridge user uses the bridge as its entry guard, then the 
  triangulation attacks from Lasse and Paul's Oakland paper work to
  locate the user's bridge(s).

  Worse, this is another way to enumerate bridges: if the bridge users
  keep rotating through second hops, then if you run a few fast servers
  (and avoid getting considered an Exit or a Guard) you'll quickly get 
  a list of the bridges in active use.

  That's probably the strongest reason why bridge users will need to
  pick second-layer guards. Would this mean bridge users should switch
  to four-hop circuits?

  We should figure this out in the 0.2.1.x timeframe.

That timeframe has come and gone and I did not see any tickets about this behavior (sorry if I missed any!).

Child Tickets

Change History (5)

comment:1 Changed 6 years ago by lunar

Component: - Select a componentTor

comment:2 Changed 6 years ago by nickm

Milestone: Tor: unspecified

Bridges don't do this yet. There's a design suggestion that bridges themselves should introduce an intermediate hop on each circuit extended through them, but I can't find a ticket for that right now.

comment:3 in reply to:  2 Changed 6 years ago by sysrqb

Looks to be #7144 (unless you're thinking about a different, related ticket).

comment:4 Changed 6 years ago by isis

Cc: isis@… added

comment:5 Changed 6 years ago by nickm

Resolution: duplicate
Status: newclosed

Ah, right. closing as duplicate then.

Note: See TracTickets for help on using tickets.