Sponsor 2

Project Title: Defending Against Website Fingerprinting in Tor

Project Period: September 1, 2016 - August 31, 2019

Project Goals/Activities

The objective of this project is to engage in designing, extensive experimentation, and testing of recently proposed defenses against website fingerprinting attacks in Tor with the goal of near-term deployment. In particular, we are evaluating the WTF-PAD defense, which offers strong protection against the state-of-the-art attacks with no added latency costs and moderate bandwidth overheads that make it appropriate for use in Tor.

The WTF-PAD design also has potential defense applications against a wide variety of related traffic analysis attacks, which we are also investigating.

Project Tracking

Progress can be seen in the network team's kanban board filtering by sponsor 2.

Ticket Summary Status Owner Priority
#13410 Disable self-signed certificate warnings when visiting .onion sites reopened tbb-team Very High
#13739 Optimize the functions called in circuit_launch_by_extend_info() new Medium
#14389 Improve TBB UI of hidden service client authorization needs_revision tbb-team Medium
#16059 Add a "rendezvous approver" control API new Medium
#19251 TorBrowser might want to have an error page specific to when .onion links fail new tbb-team Low
#19757 Make a menu to add onion and auth-cookie to TB new tbb-team Medium
#21952 .Onion everywhere?: increasing the use of onion services through automatic redirects and aliasing reopened linda Medium
#22809 Tor Browser does not provide red security warning for downloading executable in HTTP new tbb-team Medium
#22893 prop224: Make intro point per-service and not per-descriptor accepted dgoulet Very High
#23493 IPv6 v3 Single Onion Services fail with a bug warning new Medium
#23545 UX improvement: Tor Browser should handle bogus HSv3 addresses new tbb-team Medium
#23764 hs-v3: No live consensus on client with a bridge new dgoulet High
#24973 Tor should be more gentle when launching dozens of circuits at once needs_information Medium
#25025 Add icon for next-generation onions in the style guide assigned antonela Low
#25204 Switch security.insecure_connection_* prefs to warn users about insecure HTTP in FF60-esr new tbb-team Medium
#25882 clients not detecting stale onion service introduction points assigned dgoulet High
#26294 attacker can force intro point rotation by ddos new Medium
#26491 Onion+cert UI text is black with Tor Browser 8.0a9 - it should be green new tbb-team Medium
#27502 Prioritize .onion hosts in AltSvc? new tbb-team Medium
#27590 Display .onion alt-svc route in the circuit display new tbb-team Medium
#27636 .onion indicator for non-self-signed but non-trusted sites new tbb-team Medium
#27657 Show .onion icon on Identity drop down? new tbb-team Medium
#27842 Consider end-to-end introduction ACKs new Medium
#28631 Release a useful WTF-PAD to the world (master ticket) new Medium
#28632 Make the original WTF-PAD branch actually useful for us (submaster ticket) new Medium
#28634 Design a useful padding machine that we can enable new Very High
#28638 Serialize state machines in the torrc new High
#28693 Add an option to disable circuit padding reopened High
#28777 Split circuitpadding.c code into multiple modules new Medium
#28780 circpadding: Add machine flag for not closing circuit if machine is active needs_revision Very High
#28804 Add circuit padding to padding-spec.txt and write a doc for researchers new High
#28821 Introduce timer_is_scheduled() method and replace padding_scheduled_at_us new Low
#28878 WTF-PAD: Improve deterministic randomness in tests new Low
#29083 WTF-PAD: Specify exit policy for machine conditions new Medium
#29084 WTF-PAD: Test and improve circuit RTT measurement new Medium
#29085 WTF-PAD: Reduce monotime usage because of performance issues new Very High
#29098 Implement Proposal #265 new Medium
#29102 Serialize padding state machine in consensus new Medium
#29203 Add a way to specify machines as reduced circuit padding new Medium
#29494 Optimize interaction between circuitmux and circuitpadding assigned mikeperry High
#29527 Division by zero: undefined behaviour in circuitpadding/circuitpadding_sample_distribution test needs_review teor High

Last modified 3 weeks ago Last modified on Feb 28, 2019, 4:52:28 PM