On 02/24/2017 03:07 PM, Kevin Gallagher wrote:
> Hello everyone,
>
> I've read through the path selection specification document and I am a
> bit confused about guard selection. It says that (when guard nodes are
> enabled) "Tor maintains an ordered list of entry nodes as one's chosen
> guards and stores the list persistently to disk. If a guard node becomes
> unusable, rather than replacing it, Tor adds new guards to the end of
> the list. When choosing the first hop of a circuit, Tor chooses at
> random from among the first 3 (by default) usable guard on the list."
>
> How is this list derived? What is it ordered by? How many guards are in
> this list?

Well, as your quote says, Tor picks a guard, and tries it. If that doesn't work out, it picks another. And it repeats that process until it has working circuits.

I've looked at hundreds of state files, and there are typically three guards listed. But sometimes there's just one, and sometimes there are far more than three, if I've messed with the uplink to prevent Tor from completing circuits. I believe that the top guard is the one most recently used, but I'm not sure about that.

> Are guards added to the list with probability proportional to
> their bandwidth, as with other types of node selection?

That's how I understand it. But I haven't studied the selection protocol carefully.

> Am I safe in assuming that this is a local list unique to the client?

I'm certain that this is a local list. However, although communications with directory servers are encrypted, local adversaries can see which guards your client connects to. So they would probably know which ones are listed in your state file, and maybe even the order.

For ordered sets of three guards, chosen randomly from N relays with guard flags, uniqueness would be "N!". Even with bandwidth-biased selection, it's arguably at least N^2.

However, guard choice seems more constrained than I had imagined. Some guards are chosen quite often. I've retained state files for 102 Tor (v0.2.9.9) instances, with altogether 299 guards selected. In 260 (87%) of the selections, distinct guards were chosen, with no duplication. However, 15 guards were chosen in two state files (10% of selections) and three guards were chosen in three state files (3% of selections).

> Sorry if these questions are a bit basic or if I missed the answers
> elsewhere. Thanks for your time!
>
> -Kevin

--
tor-talk mailing list - [email protected]
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
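An added example, not part of the original message: one way to tally how often the same guard turns up across a set of retained state files, as in the counts quoted above. It assumes guards are recorded as `EntryGuard <nickname> <fingerprint> ...` lines; the sample files, nicknames and fingerprints are constructed, and the function names are hypothetical.

```python
from collections import Counter

# Constructed fingerprints (40 hex characters each); not real relays.
FP = {n: str(n) * 40 for n in range(1, 7)}

def _sample_state(*ids):
    """Build a constructed state file in the assumed EntryGuard line layout."""
    lines = ["# constructed sample state file"]
    for i in ids:
        lines.append(f"EntryGuard relay{i} {FP[i]} DirCache")
        lines.append(f"EntryGuardAddedBy {FP[i]} 0.2.9.9 2017-02-01 00:00:00")
    return "\n".join(lines) + "\n"

SAMPLE_STATES = {
    "client-a": _sample_state(1, 2, 3),
    "client-b": _sample_state(1, 4, 5),
    "client-c": _sample_state(1, 4, 6),
}

def parse_guards(state_text):
    """Return guard fingerprints in file order, ignoring other EntryGuard* keys."""
    guards = []
    for line in state_text.splitlines():
        parts = line.split()
        if len(parts) < 3 or parts[0] != "EntryGuard":
            continue  # skips EntryGuardAddedBy, comments, unrelated keys
        fp = parts[2].upper()
        is_hex = len(fp) == 40 and all(c in "0123456789ABCDEF" for c in fp)
        if is_hex and fp not in guards:
            guards.append(fp)
    return guards

def overlap_histogram(states):
    """Map k -> number of guards that appear in exactly k state files."""
    files_per_guard = Counter()
    for text in states.values():
        files_per_guard.update(set(parse_guards(text)))
    return Counter(files_per_guard.values())

def selection_shares(hist):
    """Percentage of all guard selections that fall on guards seen in k files."""
    total = sum(k * n for k, n in hist.items())
    return {k: round(100 * k * n / total) for k, n in sorted(hist.items())}

if __name__ == "__main__":
    hist = overlap_histogram(SAMPLE_STATES)
    print(dict(hist), selection_shares(hist))
```

Feeding the message's own counts (260, 15 and 3 guards seen in one, two and three files) to `selection_shares` gives the 87%, 10% and 3% split it reports over 299 selections.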
