Closed (moved)
Opened Jun 26, 2017 by Mike Perry (@mikeperry)

Long-lived onion service circuits can enable guard discovery

In Wilmington we brainstormed at least two different ways to perform guard discovery by keeping a circuit open to a hidden service for a long time. These attacks will continue to work even after something like Proposal 247 is implemented.

Attack #1: Use many long-lived circuits to probe when the guard in use goes down. If several circuit teardowns are correlated with a guard going offline, you have a good candidate guard.

Attack #2: Keep a circuit open long after a guard has been rotated away, and then start sending data down it. After one week, Tor decides that TLS connections are too old to use for new circuits, so after this point, your circuit should be one of the few things left on the TLS connection. Once this happens, if you can readily obtain netflow statistics at ISPs/core routers, you can walk your way all the way back to the client by seeing which Tor TLS connections match the byte counts you send.

We decided that this means we should close hidden service circuits after a day or so by default. Later, if we implement conflux, we could periodically reattach such circuits using conflux IDs instead.

We argued for a while about allowing people to have their Tor hidden service not kill long-lived circuits. I am of the opinion that we should allow this, with the appropriate warnings in the manpage and Tor log for the option.

Milestone
Tor: unspecified
Reference: legacy/trac#22728
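
The default proposed in the ticket (close onion service circuits after about a day, with an operator opt-out that logs a warning), sketched as an added example that is not part of the original ticket and not Tor's code. The types, the `allow_long_lived` option and the 86400-second limit are hypothetical.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <time.h>

/* Hypothetical types for illustration; these are not Tor's data structures. */
typedef struct {
  time_t created;        /* when the circuit was built */
  bool is_onion_service; /* circuit terminates at a local onion service */
  bool closed;
} circ_t;

typedef struct {
  long max_age_secs;     /* "a day or so" in the ticket; 86400 assumed here */
  bool allow_long_lived; /* hypothetical operator opt-out */
  bool warned;           /* so the opt-out warning is logged only once */
} hs_lifetime_policy_t;

/* Close onion-service circuits older than the policy's maximum age.
 * Returns the number of circuits closed on this pass. */
size_t
expire_old_hs_circuits(circ_t *circs, size_t n, time_t now,
                       hs_lifetime_policy_t *policy)
{
  size_t n_closed = 0;
  if (policy->allow_long_lived) {
    if (!policy->warned) {
      fprintf(stderr, "[warn] Long-lived onion service circuits are allowed; "
              "this can enable guard discovery.\n");
      policy->warned = true;
    }
    return 0;
  }
  for (size_t i = 0; i < n; i++) {
    circ_t *c = &circs[i];
    if (c->closed || !c->is_onion_service)
      continue;
    /* A creation time in the future means the clock jumped back; skip
     * the circuit rather than compute a negative age. */
    if (c->created > now)
      continue;
    if ((long)(now - c->created) >= policy->max_age_secs) {
      c->closed = true;
      n_closed++;
    }
  }
  return n_closed;
}
```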