Lennart Oldenburg lennart.oldenburg@esat.kuleuven.be writes:
Hi all,
We are investigating how Tor protects itself against Denial-of-Service (DoS) attacks. So far, it has been difficult to find a comprehensive top-level design document for the DoS subsystem (e.g., a torspec or proposal) that reflects the decisions that led to the subsystem in its current form.
Specifically, we are looking at the DoS mitigation subsystem code for entry guards at src/core/or/dos.{h,c} [1]. We are trying to understand the chosen countermeasures and how the default and current consensus values came to be, e.g., the decision to limit to 3 circuits per second after the initial burst.
- Could you kindly point us in the right direction if any such document exists?
- If it does not exist, would you mind briefly explaining how the DoS threshold values (such as DoSCircuitCreationMinConnections, DoSCircuitCreationRate, DoSCircuitCreationBurst, and DoSConnectionMaxConcurrentCount) were chosen?
Hello there,
first of all let me say that the DoS subsystem of Tor is under active development, so things are subject to change and mutate towards various directions (e.g. https://lists.torproject.org/pipermail/tor-dev/2020-April/014215.html).
However, since you are asking for resources on the currently existing DoS subsystem, here are some things you can look at:
- Resources on general Tor rate limiting:
  https://trac.torproject.org/projects/tor/ticket/24902
  https://lists.torproject.org/pipermail/tor-relays/2018-January/014357.html
- The proposal for the HS DoS subsystem: https://github.com/torproject/torspec/blob/master/proposals/305-establish-in...
- More information on HS DoS subsystem:
  https://lists.torproject.org/pipermail/tor-dev/2019-April/013790.html
  https://lists.torproject.org/pipermail/tor-dev/2019-May/013837.html
  https://lists.torproject.org/pipermail/tor-dev/2019-July/013923.html
Good luck with your research and please let us know if you reach the point where you can break or fix things! :)
Cheers!
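Added here as an illustration, not Tor's own code or anything posted in this thread: a Python sketch of the per-client gating that the four parameters in the question describe (connection count threshold, token-bucket rate and burst for circuit creation, concurrent-connection cap). Only the 3 circuits per second figure comes from the question; every other value and the class/function names are constructed for the demo.

```python
# Added example (not from Tor's dos.c): a simplified model of the entry-guard
# DoS gating named in the question. Per client address we track concurrent
# connections and a token bucket for circuit creations; the bucket only
# engages once the client holds >= min_connections connections.
# All numbers except rate=3 (the question's "3 circuits per second") are
# constructed for this demo and are NOT Tor's consensus defaults.
from dataclasses import dataclass


@dataclass
class DosParams:
    min_connections: int = 3   # stands in for DoSCircuitCreationMinConnections
    rate: float = 3.0          # stands in for DoSCircuitCreationRate (circ/s)
    burst: int = 10            # stands in for DoSCircuitCreationBurst
    max_concurrent: int = 5    # stands in for DoSConnectionMaxConcurrentCount


@dataclass
class ClientState:
    connections: int = 0
    tokens: float = 0.0        # remaining circuit-creation allowance
    last_refill: float = 0.0   # timestamp of the last bucket refill
    marked: bool = False       # set once the client exceeded its allowance


class CircuitDosGuard:
    def __init__(self, params: DosParams):
        self.p = params
        self.clients = {}      # addr -> ClientState

    def _get(self, addr):
        return self.clients.setdefault(addr, ClientState(tokens=self.p.burst))

    def new_connection(self, addr, now):
        """Return False if the client already holds max_concurrent connections."""
        c = self._get(addr)
        if c.connections >= self.p.max_concurrent:
            return False
        c.connections += 1
        return True

    def new_circuit(self, addr, now):
        """Return False if this circuit creation should be refused."""
        c = self._get(addr)
        # Refill the bucket by rate * elapsed seconds, capped at burst.
        c.tokens = min(self.p.burst, c.tokens + (now - c.last_refill) * self.p.rate)
        c.last_refill = now
        if c.connections < self.p.min_connections:
            return True        # below the threshold: not subject to the limit
        if c.tokens >= 1:
            c.tokens -= 1
            return True
        c.marked = True        # out of allowance: mark and refuse
        return False
```

After the burst is spent, a marked client regains exactly rate tokens per elapsed second, which is the "3 circuits per second after the initial burst" behaviour the question refers to.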