[guardian-dev] 81% of Tor users can be de-anonymised by analysing router information, research indicates
Michael Rogers
michael at briarproject.org
Thu Nov 20 09:46:29 EST 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On 20/11/14 14:21, Nathan of Guardian wrote:
>> If we simply use Tor as a low-latency transport for asynchronous
>> messaging then we're limited to Tor's threat model, i.e. we
>> can't prevent traffic confirmation attacks. If we revive one of
>> the remailers or build a new system then we're limited to a small
>> number of users, i.e. a small anonymity set. So ideally we'd find
>> some way of adding high-latency mix-like features to Tor.
>
> How much difference in latency are we talking about? Can we just
> introduce some sort of randomness or delay into our existing
> stacks/protocols?
If we add delays at the application layer then those delays will be
the same all along the Tor circuit. So from the point of view of an
adversary doing a traffic confirmation attack against Tor, the delays
are irrelevant: the adversary sees the same pattern of delays at both
ends of the circuit, so the ends are still correlated with each other.
To decorrelate the traffic entering Tor from the traffic leaving Tor
we need to delay the traffic at each hop. Ideally we'd go further than
that and decouple high-latency traffic from circuits, so that traffic
could enter Tor on one circuit and leave on another circuit, long
after the first circuit was closed. But that's a much harder problem
than adding a delay at each hop, I think.
>> Done right, this could provide a large anonymity set for the
>> high-latency users and improve the traffic analysis resistance of
>> Tor for the low-latency users at the same time, by providing a
>> pool of latency-insensitive traffic to smooth out the bursty
>> low-latency traffic between relays.
>
> I think this really makes the case, why a native Tor-based
> messaging channel/layer/link/substrate should be implemented.
Great! Maybe we should move this discussion to the thread on tor-dev
that Mansour Moufid started recently?
https://lists.torproject.org/pipermail/tor-dev/2014-November/007741.html
Cheers,
Michael
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQEcBAEBCAAGBQJUbf7EAAoJEBEET9GfxSfMV3MH/RX9p06HaC7Z1yP4XKW23bIL
14H2HvAKXPmTGMP5+HOHK8UmOW3nqlsiCZsX458PaSkrThk/wLrqGij4usbqPvaX
PnpEK3q9RijL7syvocsVkdtV8SLIows+l4A9jJsL5w1qd+Pfpch5xc6jtfm6n9X0
hAon3oAIkNtfQpmfw4sVFhn19GxCVFUFJkIYKoi3lHCyNMr4cpBW1zIeI9RDcyMh
tpooERBHx/DAXfo/Tc6ZaLhaBu7IZkvATlybKeMM/vDOOu78Hc9Fh0u5a2WM3ITC
xYbbxdDesDefffJ527ZS3o+inhwiNXx332o+EUh/Zq4wBkBLVW3bdaSEw1SbCNU=
=hizc
-----END PGP SIGNATURE-----
More information about the Guardian-dev
mailing list