Version 6 (modified by mikeperry, 2 years ago) (diff)



October 2015 - September 2018 (...)


Joint project with Georgetown and NRL focusing on research about resilience to attacks that reduce anonymity or that deny service.

The grant also includes a "transition to practice" component, which means we should not only help with the research side, but also build and deploy the more promising solutions.


  • Produce research papers
  • Release software (e.g. Tor) that includes fixes based on the research papers
  • Work with Micah Sherr and Rob Jansen

Tentative Roadmap

Guard discovery attacks are currently believed to be the most serious threat to anonymity and availability of the Tor network. The full scope and vectors for these attacks are not yet fully understood, but we are collecting tickets for the most severe vectors.

This roadmap is a living document. We still do not understand the full scope of attacks and fixes for guard discovery attacks, and other attacks that are also in scope of this sponsor may appear at any time. No plan survives contact with the enemy.

Short Term

Our plan is to fix lowest hanging fruit first. Because Proposal 247 requires quite a bit of performance tuning, but will still provide improved security without completing that tuning, we are going to aim to support an external implementation through an add-on Tor Controller and torrc options. This Tor controller will also be used for performance evaluation.

The set of development work for this is:

Ticket Resolution Summary Owner Reporter
#13837 implemented Mitigate guard discovery by pinning middle node mikeperry asn
#23100 fixed Circuit Build Timeout needs to count hidden service circuits mikeperry mikeperry
#23101 implemented Predict and build specific HS purpose circuits (rather than GENERAL) mikeperry mikeperry
#23114 implemented Circuit Build Timeout should apply at circuit completion mikeperry mikeperry
#24487 Reverse path selection (choose outer hops first) mikeperry

Additionally, a few relatively simple changes can also be completed on the 0.3.2/0.3.3 timescale that should address other vectors relating to our statistics reporting and gathering:

Ticket Resolution Summary Owner Reporter
No tickets found

Ticket Resolution Summary Owner Reporter
No tickets found

Long Term

After 0.3.3,

Research Roadmap