[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: chaining JAP and Tor
On Thu, Jul 21, 2005 at 08:03:58PM +0000, Ben Clifford wrote:
> Dear Paul,
> Thanks ever so much for spending so much time on your post. I am very new
> to all this and won't pretend that I understood all of it. But can I just
> ask you to perhaps put it like this to me:
> You see no advantage (increased level of anonymity) in chaining JAP and
> Tor. Is chaining them neutral (ie. no increased or decreased anonymity) or
> detrimental (with chaining them there is less anonymity conferred than if
> using just one or the other)?
Well I was raising it as a challenge: it would seem this suggestion
has problems, so what envisioned advantage are you suggesting? But if
you are a neophyte, that challenge isn't exactly fair. It may be that
there is a way to build something good out of this suggestion.
Aside: It is in fact somewhat similar to the hierarchical or
hydra---respectively two-headed hydra--design that has been part of
onion routing discussions going back ten years, although I don't
think any of that is in officially published stuff. The advantage
is to have Tor-like hiding of source (and in the two-headed case,
source and destination) but traffic aggregation advantages by
running it through larger pipes (possibly in a cascade) in the
middle (or at one end). If you don't follow what I'm saying just
ignore this aside.
But, on the face of it I see putting JAP after Tor as hurting (not
just neutral) because you have a more predictable exit point for your
traffic. And unless you abuse Tor, you will be worse than JAP alone
because you cannot have constant behavior clients in a relatively
persistent anonymity set. (That's in theory. I'm not sure I believe
JAP gets you that protection in practice even by itself, but I'm
trying to avoid going into a JAP vs. Tor debate on effective
protection. I'm sure the JAP team would say something quite
Bottom line: For the current systems I think it is worse not neutral
to combine them.
> Of course anonymity is just one factor - maybe speed would come into it as
> well. But just focusing on anonymity for now.
Running your system through two anonymizing systems rather than one
is not going to help your speed, or was that what you meant?