1

I've been told guards are selected when a client first connects to the Tor network and used until they disappear.

What constitutes disappearing?
Do all guards need to disappear (and then the whole set is replaced) or just one (and only that one is replaced)?

Would it be possible to get selected as a target's guard by DoS'ing random guards until you get chosen?

  • Where were you told guards are used until they "disappear", this isn't true? And yes, it's possible to denial of service a guard as a discovery mechanism. It's known as the "Sniper Attack". – cacahuatl Jan 07 '17 at 07:33
  • 1
    https://tor.stackexchange.com/questions/10610/since-what-version-number-is-first-tor-ip-address-unchanged/10612#10612 this answers guard rotation, the sniper attack is also covered elsewhere too. – cacahuatl Jan 08 '17 at 01:50
  • Well I wasn't "told" exactly, I heard it in a talk.

    Roger Dingledine said it at 11:30 of his Defcon 16 talk: Security and Anonymity Vulnerabilities in Tor: Past, Present, Future https://media.torproject.org/video/Defcon16-Roger_Dingledine-Sec_Anonymity_Vulns_in_Tor.m4v

    The exact quote is ``The idea is every client picks 3 or 4 entry nodes. Three or four Tor servers as her first hop always and she sticks with those 3 or 4 until they disappear''

     –  Jan 08 '17 at 01:55
  • 1
    Ah, defcon 16 is quite some time ago. See the other answer I linked above for what guard rotation looks like more recently, and my answer to a question about guard lifetimes here: https://tor.stackexchange.com/questions/13328/guard-nodes-how-long-is-too-long – cacahuatl Jan 08 '17 at 01:57
  • Thanks, that looks like it might contain the information I need –  Jan 08 '17 at 02:04

0 Answers0