[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Matryoshka: Are TOR holes intentional?

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Matryoshka: Are TOR holes intentional?
From: benjamin barber <barberb@xxxxxxxxxxx>
Date: Wed, 17 Jun 2015 22:59:04 -0700
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 18 Jun 2015 01:59:17 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:content-type; bh=iBVgOb4RJ7kl2c+BaSuezqvADi1h3J03ykWIwPWW29Y=; b=vS4GvF+McH+67RGk2oKzd8E5P0D4X45CfvZy3JWVoYJ2gbVOalzjShwc501kmR71RO +kHTe8/Ly5bxGxt/HZRLlpJtUyDfP1QfUPLZVxahcgILsQrxMf/KbQvx/LqO9KmJNcps dtg6RK8kjAn6pbSD+suBfqpG+f3PwSck9PR/0UkDThRBRcbeijthg7Av36jOtn2SnRAn 3DJFnaj2KSoCZ6lCEio4PL5FIGasEU52XP7ldbiuStkSHnZCcNbXL8o9vJb0dyURf3XV CN1BGdRNByD6dI7bKPRoPH0ixxW1WfAr18AGvxVd/k6Z1nR66WVwHOohpVDwxyTVImNC dNcA==
In-reply-to: <CAMTdTS-0j1Efpfg=2aMynD-rvQyu9nQjmRcRF-Ziq=ZV4q97Jw@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <CAD2Ti2-xVw_W2YDqkdQHmcHyKBDQjfT5jvc-8m3EAU8UkqxrUA@xxxxxxxxxxxxxx> <20150618045108.GE7957@xxxxxxxxxxxxxx> <CAMTdTS-0j1Efpfg=2aMynD-rvQyu9nQjmRcRF-Ziq=ZV4q97Jw@xxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

http://shofarnexus.com/Download

On Wed, Jun 17, 2015 at 10:43 PM, benjamin barber <barberb@xxxxxxxxxxx>
wrote:

> I didn't have a problem finding Matryoshka networks but not software
> called "Matryoshka", just as were not using running "onion software",
> some different software use the Matryoshka network method to communicate.
>
>
> On Wed, Jun 17, 2015 at 9:51 PM, Roger Dingledine <arma@xxxxxxx> wrote:
>
>> On Thu, Jun 18, 2015 at 12:02:45AM -0400, grarpamp wrote:
>> >  We also need to take a serious look at TOR, and
>> > without emotional bias, consider if a serious flaw was designed in.
>>
>> "Traffic analysis is the first hole plugged by Matryoshka, but ignored
>> by TOR."
>>
>> I couldn't figure out how to actually fetch this "Matryoshka" software,
>> but it sure looks like another case of somebody not understanding the
>> research field, and thinking that solving the traffic confirmation
>> attack is easy, without actually thinking through the engineering side,
>> the scaling side, or the statistics side.
>>
>> For background see e.g.
>> http://freehaven.net/anonbib/#danezis:pet2004
>>
>> It makes sense that if you think solving the problem is easy, you
>> wonder why Tor hasn't solved it.
>>
>> But even full scale padding, ignoring the practical side of how to get a
>> Tor network that can afford to waste so much bandwidth, doesn't provide
>> protection in the face of active attacks where you induce a gap on one
>> side and then observe the gap on the other side. And it might even be
>> the case that these gaps happen naturally by themselves, due to network
>> congestion and so on, so maybe passive observers will be winners even
>> against a design that does full padding.
>>
>> Also, to make it really work in practice, all users are going to need
>> to pad not just while fetching their web page or iso or whatever, but
>> sufficiently before and after that too, else an attacker can match up
>> start times and end times:
>> http://freehaven.net/anonbib/#murdoch-pet2007
>>
>> This is a great area for further research:
>> http://freehaven.net/anonbib/#ShWa-Timing06
>> http://freehaven.net/anonbib/#active-pet2010
>>
>> tl;dr the whole premise of this person's blog post is flawed, since
>> their design likely does not work as they think it does.
>>
>> --Roger
>>
>> --
>> tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
>> To unsubscribe or change other settings go to
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>>
>
>
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Matryoshka: Are TOR holes intentional?
  - From: benjamin barber

References:
- [tor-talk] Matryoshka: Are TOR holes intentional?
  - From: grarpamp
- Re: [tor-talk] Matryoshka: Are TOR holes intentional?
  - From: Roger Dingledine
- Re: [tor-talk] Matryoshka: Are TOR holes intentional?
  - From: benjamin barber

Prev by Author: Re: [tor-talk] Matryoshka: Are TOR holes intentional?
Next by Author: Re: [tor-talk] Matryoshka: Are TOR holes intentional?
Previous by thread: Re: [tor-talk] Matryoshka: Are TOR holes intentional?
Next by thread: Re: [tor-talk] Matryoshka: Are TOR holes intentional?
Index(es):
- Author
- Thread