[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Cryptographic social networking project



 

>although by the forward secret nature of Tor it isn't even a very worthwhile >exercise even if decryption were feasible

If attackers break ciphers one decade later then Tor's forward secrecy
is compromised even for any collected forward secure operation today. 

>I like that you are using "our" while speaking of the secushare model,
>I assume you are considering joining forces. ;)

Our goal is common so it doesn't matter I join you or you join us, the
outcome belongs to people like any other free software :) 

>>anonymity is a different topic. i'm talking about compromising social
>>graphs. for instance in netflix attack vertices are already anonymous
>>but attackers try match some data from IMDB that gave real identities
>>for patterns to deanonymize similar patterns on anonymized netflix
>>dataset and they really did!

>I'm not familiar with this incident. Do you have some info?

This incident is similar to that Flickr paper that you already saw.
Attackers poll out
real identities from another source (e.g IMDB) then try
correlate their patterns with side-channels of pseudonyms to deanonymize
vertices.

>Did you understand what I said when I mentioned multicast ratchets?
>You maintain the advantages of distributing just one packet across
>the network while at the same time having a differently encrypted
>packet on each node of the tree. If I wasn't clear, please ask - not skip.

I thought you said each vertex get same thing, if they get different
things then it's
better

>>>Of course accessing blocks from a third party server is a trade-off in excessive >>>bandwidth, please. 

>>How much excessive MB/GB/TB it would be in your estimation when we >>download block from server?? 

>As I said it is like having n unicast downloads vs one Bittorrent.
>I don't need numbers to know, that the multicast architecture will
>be more efficient in most use cases, but I am sure research has
>plenty of numbers to offer. Please investigate.

I think you are talking about pressure not bandwidth because 167 friend
download same amount of data from server if they try download it from
Bittorent either, and we don't care about pressure on server.

>As I explained, the multicast network itself does a certain amount
>of spooling - and if you *really* need to recover old data, you
>can still reach out for the other subscribers of each pubsub. We
>also intend to use pubsubs among devices to share configuration
>and serve as each other's backup. If you have a relay that is your
>friend, then it can keep a copy of your backups - so whenever you
>lose your smartphone you can recreate your identity and secushare
>experience on a new one. No need for cloud storage for anything.

So you say that at first glance each pubsub node keep all blocks for all
other friendly pubsub nodes then furthermore we save the block on an
unreliable
Bittorrent network? In my opinion even friends are unreliable however
better than strangers.

>Is social networking all about hi-res pictures and movie sharing?

not all but most of the expensive part is that
 
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk