Changes between Version 9 and Version 10 of org/sponsors/SponsorV


Timestamp:
Oct 25, 2017, 3:10:00 AM (2 years ago)
Author:
mikeperry
Comment:

--

  • org/sponsors/SponsorV

    v9 v10  
    1717= Tentative Roadmap =
    1818
    19 We currently believe that guard discovery attacks are the most serious threat to anonymity and availability of the Tor network. We are collecting tickets for the [https://trac.torproject.org/projects/tor/query?keywords=~guard-discovery these vectors under the keyword guard-discovery].
     19We currently believe that guard discovery attacks are the most serious threat to anonymity and availability of the Tor network. We are collecting tickets for the [https://trac.torproject.org/projects/tor/query?keywords=~guard-discovery these vectors under the Trac keyword guard-discovery].
    2020
    21 This roadmap is a living document. We still do not understand the full scope of attacks and fixes for guard discovery attacks, and other attacks that are also in scope of this sponsor may appear at any time. No plan survives contact with the enemy.
     21This roadmap is a living document. We do not have an exhaustive list of all attacks and fixes for guard discovery, and other attacks that are also in scope for this sponsor may appear at any time. No plan survives contact with the enemy.
    2222
    2323== Short Term ==
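Review bot: In new line 21, "an exhaustive list of all attacks and fixes" is redundant; "a complete list of attacks and fixes for guard discovery" says the same thing. In new line 19 the link text still spans "these vectors under the Trac keyword guard-discovery", so the sentence reads as collecting tickets for the vectors rather than tagging tickets with the keyword; linking only the keyword would read more clearly.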
     
    2525Our short term plan is to go after low hanging fruit. Several of the guard discovery attack vectors are very easy to mitigate, but very hard to solve entirely. We must not let perfect be the enemy of good during this phase.
    2626
    27 To start, a few relatively simple changes can be completed on the 0.3.2/0.3.3 timescale that should address vectors relating to our statistics reporting and gathering:
     27To start, a few relatively simple changes can be completed on the 0.3.2/0.3.3 timescale that should mitigate vectors relating to our statistics reporting and gathering:
    2828
    2929[[TicketQuery(keywords=~guard-discovery-stats,milestone=~0.3.2.x-final,order=priority,desc=1,format=table,col=resolution|summary|owner|reporter)]]
     
    3131[[TicketQuery(keywords=~guard-discovery-stats,milestone=~0.3.3.x-final,order=priority,desc=1,format=table,col=resolution|summary|owner|reporter)]]
    3232
    33 Separate from the above, [https://gitweb.torproject.org/torspec.git/tree/proposals/247-hs-guard-discovery.txt Proposal 247] is our proposal for changing Tor's path selection for hidden services to deal with [https://www.ieee-security.org/TC/SP2013/papers/4977a080.pdf trawling-style middle-node based attacks]. Unfortunately, Proposal 247 requires quite a bit of performance tuning before we can do a final implementation. The final implementation will also require extensive modifications to Tor's path selection code.
     33Separate from the above, [https://gitweb.torproject.org/torspec.git/tree/proposals/247-hs-guard-discovery.txt Proposal 247] is our proposal for changing Tor's path selection for hidden services to deal with [https://www.ieee-security.org/TC/SP2013/papers/4977a080.pdf middle-node trawling-based attacks]. Unfortunately, Proposal 247 requires quite a bit of performance tuning before we can do a final implementation. The final implementation will also require extensive modifications to Tor's path selection code, at least for hidden services.
    3434
    35 The good news is that we can provide significantly improved security before we complete this implementation by providing torrc options and an add-on a Tor Controller that implements our intended algorithm. This same add-on Tor controller will also be used for performance evaluation. The target release for this initial work is Tor 0.3.3, which freezes mid-January 2018. The set of development work for this is:
     35The good news is that we can provide significantly improved security before we complete a final implementation by providing torrc options and an add-on a Tor Controller that implements our intended path selection algorithm. This same add-on Tor controller will also be used for performance evaluation. The target release for this initial work is Tor 0.3.3, which freezes mid-January 2018. The set of development work for this is:
    3636
    3737[[TicketQuery(keywords=~guard-discovery-prop247-controller,order=priority,desc=1,format=table,col=resolution|summary|owner|reporter)]]
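Review bot: New line 35 still reads "an add-on a Tor Controller", carried over unchanged from v9; it should be "an add-on Tor controller", which also matches the lowercase "add-on Tor controller" in the sentence that follows. Since the paragraph now distinguishes "a final implementation" from this interim work, it would help to say which torrc options are meant, or point to the ticket that defines them.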
     
    4343XXX: These two experiments should have tickets.
    4444
    45 Proposal 247 by itself is insufficient to deal with all forms of guard discovery. In particular, circuit lifetime attacks like #22728 suggest that we need some way of re-establishing cirucits to an IP/RP over a new path. [https://www.cypherpunks.ca/~iang/pubs/conflux-pets.pdf the conflux technique] may be one way to do this. Note that for #22728 we do not need the flow control and load balancing pieces of conflux. we only need the ability to migrate an RP/IP from one path to another.
     45Proposal 247 by itself is insufficient to deal with all forms of guard discovery. In particular, circuit lifetime attacks like #22728 suggest that we need some way of re-establishing cirucits to an IP/RP over a new path. [https://www.cypherpunks.ca/~iang/pubs/conflux-pets.pdf the conflux technique] may be one way to do this. Note that for #22728 we do not need the flow control and load balancing pieces of conflux. We only need the ability to migrate an RP/IP from one path to another.
    4646
    4747Here are other tickets we do not have a solid plan for yet:
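Review bot: New line 45 fixes the capital in "We only need" but leaves "cirucits" misspelled, and the sentence that opens with the link text "the conflux technique" still starts in lowercase. IP and RP are used without expansion and in both orders ("IP/RP", then "RP/IP"); spelling them out once as introduction point and rendezvous point, and keeping one order, would make the #22728 requirement easier to follow.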