ricochet-im / ricochet

Anonymous peer-to-peer instant messaging
https://ricochet.im/

Delay the start / stop of the tor node for security? #221

Closed allo- closed 9 years ago

allo- commented 9 years ago

Starting and stopping its own tor node for the chat may lead to correlation attacks against a ricochet user and the corresponding tor node being online. Maybe the chat should come online a bit later and the tor node should stop a bit later than the chat, using random delays?

special commented 9 years ago

I think the correlation attack you're referring to only applies when running a hidden service and a tor relay from the same place. Ricochet doesn't run a tor relay - it's only a client.

Only your guard, directory guards, and local network are in a position to observe when your tor client comes online.

allo- commented 9 years ago

No, I think you have the problem anyway.

Assume I am an evil spy. I suspect you of something.

I see: oh, he got online, and the tor node of the user at IP x.x.x.x went online a few seconds before. Maybe they are the same? Watching this a few times, I have a good idea who you are.

special commented 9 years ago

Ah! What you're referring to is a confirmation attack - the attacker suspects that ricochet:abc123 is connecting from 1.2.3.4, and is able to monitor both of them and verify the guess.

These confirmation attacks are really hard to defend against. Tor itself is susceptible in many different ways. Quoting the Tor blog:

"The way we generally explain it is that Tor tries to protect against traffic analysis, where an attacker tries to learn whom to investigate, but Tor can't protect against traffic confirmation (also known as end-to-end correlation), where an attacker tries to confirm a hypothesis by monitoring the right locations in the network and then doing the math."

I don't think a simple delay would solve anything - there are still many aspects of the traffic you can correlate to run a confirmation attack.

allo- commented 9 years ago

Yeah. For other stuff I often had my (client) node running without using it all the time, just to avoid too obvious online/offline correlations. Of course there are more attacks, but if the node runs long enough tor can (or will try to implement) countermeasures, as discussed by the developers there in greater detail. But if you stop tor a few seconds after stopping the client, no tor countermeasure can have an effect on the correlation between client exit and tor exit.
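The mitigation debated in this thread, evaluated in a toy model; this is an added example, not part of the original discussion and not Ricochet or Tor code. It compares how well tor start events line up with chat-online events when the chat start is randomly delayed and when the tor client is simply left running. The one-session-per-day behaviour, the 200 unrelated clients, the matching windows and all function names are assumptions constructed for illustration, and only the start-time signal is modelled.

```python
import random

DAY = 86_400   # seconds per day
DAYS = 14      # constructed: two weeks of observation, one session per day

def daily_events(rng):
    """Constructed behaviour: one event per day at a uniformly random time."""
    return [d * DAY + rng.uniform(0, DAY) for d in range(DAYS)]

def matches(tor_starts, chat_online, window):
    """Count chat-online events that follow some tor start within `window` s."""
    return sum(any(0 <= c - t <= window for t in tor_starts)
               for c in chat_online)

def experiment(max_delay, window, always_on=False, others=200, seed=1):
    """Return (score of the real user, best score among unrelated clients)."""
    rng = random.Random(seed)
    tor_starts = daily_events(rng)
    # The chat identity becomes visible a random 0..max_delay s after tor starts.
    chat_online = [t + rng.uniform(0, max_delay) for t in tor_starts]
    if always_on:
        # Tor client left running: its only start predates the observation.
        tor_starts = [-float(DAY)]
    user = matches(tor_starts, chat_online, window)
    best_other = max(matches(daily_events(rng), chat_online, window)
                     for _ in range(others))
    return user, best_other

if __name__ == "__main__":
    for label, kwargs in [
        ("no delay, 120 s window", dict(max_delay=0, window=120)),
        ("delay <= 60 s, 120 s window", dict(max_delay=60, window=120)),
        ("delay <= 600 s, 900 s window", dict(max_delay=600, window=900)),
        ("tor always on, 900 s window",
         dict(max_delay=600, window=900, always_on=True)),
    ]:
        user, other = experiment(**kwargs)
        print(f"{label:30s} user={user:2d}/{DAYS}  best unrelated={other}")
```

In this model a bounded random delay is absorbed by a wider matching window, while a tor client that stays up produces no start events to match; shutdown timing and traffic volume are outside the model.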