On Mon, Sep 16, 2024 at 08:17:25PM +0000, pasture_clubbed242--- via tor-relays wrote: > Something I always found confusing is what the difference is between the > Vanguards Github project, and the version of Vanguards that Tor has > implemented. I thought Vanguards was added into Tor no? Is the Vanguards > project still useful despite this? > > I'm not sure if this spec is the exact implementation or a recommendation for > an external plugin. > https://spec.torproject.org/vanguards-spec/full-vanguards.html > I have also seen other mentions of an implementation elsewhere.
The "full" vanguards design includes other changes to how Tor handles edge cases and unexpected circuit/stream behavior which might be able to be used as a side channel, but the main tradeoff is that it slows down your circuits. You have to run it alongside your Tor, as a controller, which means it is not for "end" users. You can read about it on this blog post: https://blog.torproject.org/announcing-vanguards-add-onion-services/ Whereas the "lite" design is a subset of the full design, which we built into C-Tor back in 2021-2022 when it became clear that some of these guard discovery attacks we worried about might actually be more practical than first thought. You can read about vanguards-lite in Proposal 333: https://gitlab.torproject.org/tpo/core/torspec/-/blob/main/proposals/333-vanguards-lite.md and you can read one of the motivations for it in this research paper: https://petsymposium.org/popets/2022/popets-2022-0026.pdf And lastly, there is a great explanation of both variations of vanguards in this blog post talking about adding them to Arti: https://blog.torproject.org/announcing-vanguards-for-arti/ --Roger _______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
