mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-14 07:03:44 +01:00
b0e92634d8
This defense will cause Cisco, Juniper, Fortinet, and other routers operating in the default configuration to collapse netflow records that would normally be split due to the 15 second flow idle timeout. Collapsing these records should greatly reduce the utility of default netflow data for correlation attacks, since all client-side records should become 30 minute chunks of total bytes sent/received, rather than creating multiple separate records for every webpage load/ssh command interaction/XMPP chat/whatever else happens to be inactive for more than 15 seconds. The defense adds consensus parameters to govern the range of timeout values for sending padding packets, as well as for keeping connections open. The defense only sends padding when connections are otherwise inactive, and it does not pad connections used solely for directory traffic at all. By default it also doesn't pad inter-relay connections. Statistics on the total padding in the last 24 hours are exported to the extra-info descriptors.
17 lines
968 B
Plaintext
17 lines
968 B
Plaintext
o Major features (traffic analysis)
|
|
- Relays and clients will now send a padding cell on idle OR
|
|
connections every 1.5 to 9.5 seconds (tunable via consensus
|
|
parameters). Directory connections and inter-relay connections
|
|
are not padded. Padding is negotiated using Tor's link protocol,
|
|
so both relays and clients must upgrade for this to take effect.
|
|
Clients may still send padding despite the relay's version by
|
|
setting ConnectionPadding 1 in torrc, and may disable padding
|
|
by setting ConnectionPadding 0 in torrc. Padding may be minimized
|
|
for mobile users with the torrc option ReducedConnectionPadding.
|
|
Implements Proposal 251 and Section 2 of Proposal 254; closes ticket
|
|
#16861.
|
|
- Relays will publish 24 hour totals of padding and non-padding cell
|
|
counts to their extra-info descriptors, unless PaddingStatistics 0
|
|
is set in torrc. These 24 hour totals are also rounded to multiples
|
|
of 10000.
|