[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: How I Learned to Stop Ph34ring NSA and Love the Base Rate Fallacy

To: or-talk@xxxxxxxxxxxxx
Subject: Re: How I Learned to Stop Ph34ring NSA and Love the Base Rate Fallacy
From: "The23rd Raccoon" <the.raccoon23@xxxxxxxxx>
Date: Tue, 30 Sep 2008 22:26:36 +0000
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Tue, 30 Sep 2008 18:26:49 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:in-reply-to:mime-version:content-type :content-transfer-encoding:content-disposition:references; bh=xRMzkz9pYYC4/S7aZ3YMFaj/ypt9K44SqknSKDyEQRo=; b=n9cfwcXaTBvmy93o2fFVSK1N8PZeFZhRfusyMVandkoj6WY84SOWpbC9hmHaSjK6ir 1Dl0WivqOTlj63v3MmXnbOQuBrNqX+3n8rKFq1BVBUeZ8CvlNip9tMMeZP38+FKFzZeX QNgS/+MHVjZkRIx5KtJcxxAjTo3i75cr7FXNc=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:in-reply-to:mime-version :content-type:content-transfer-encoding:content-disposition :references; b=lHeaQ9yFZJ48v/N67yZYDa5+Amh2cNX4BU7GGvQx4O1ODlxQsphKlFnG9amM+nW0yy ES0zZ86+8rIXqcpsgLEKKZrnxBwh3KDeQoA4naDj0o8f96rahakqhsSnTLn/tQKXlfrv PCXJTh7sQrG/13J6251WVRrh3tHifCeW/onjs=
In-reply-to: <DB47CEDB-9C0F-40AB-9C88-2283EFF3B1CE@xxxxxxxxxxx>
References: <9f8d60d40809280527md0cebe4qef9150a89ba605ec@xxxxxxxxxxxxxx> <DB47CEDB-9C0F-40AB-9C88-2283EFF3B1CE@xxxxxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

On Mon, Sep 29, 2008 at 1:02 PM, Sven Anderson <sven@xxxxxxxxxxx> wrote:
> Dear Raccoon,
>
> Am 28.09.2008 um 14:27 schrieb The23rd Raccoon:
>>
>> [2]. http://www.stinkymeat.net/
>
> thanks for that reference. Great!
>
> As for your article: as far as I can tell the calculations seem to be valid,
> but I wonder, why others didn't address this in their timing attack work
> before.

I think mainly because there is a heavy incentive to publish, which
tends to cause academics to try to show their results in the best light.
This doesn't lend itself well to showing a detrimental property of
detection, especially when nobody else does.

That said, it is important to publish potential attacks, even if they
are not terribly effective in their research implementation forms,
because it is likely that auxiliary factors, better correlation mechanisms,
and combination with other attacks may make them more effective in
the future, or in more limited cases. After all, IDS's suffer from this same
problem, and those devices seem to still be used.

All is not lost as well, as long as detailed measurements of false
positive and false negative rates are published that are derived from
large enough sample sizes on a realistic model of the network, it is
possible to derive the actual bayesian detection rate with an estimation
of the base event rate, as I have done here.

For future work, it would be interesting to run calculations on how many
visits you can expect to survive with a correlation detector of some
specified accuracy, and what your anonymity set is effectively reduced
to after each successive visit.

> One question: You assume 250,000 users and 5000 concurrent connections, so
> one connection per 50 users? Is this realistic? I know, that most of the
> time a user is idle, but still this seems to low to me, since once the user
> becomes active he will open several concurrent connections (like for opening
> a website). And why do you assume the number of users at all, I don't see a
> reference to it in your calculations.

I mentioned it just for reference, so that this sort of observation can
be made. I believe the current estimate for the number of Tor users is
on the order of 250k, but it's possible this has changed. To my
knowledge, a detailed study on the number of Tor users has not been
published, though.

To arrive at the 5000 streams number, I basically took the total exit
bandwidth on the network (about 121MB/sec) and divided it by what I
typically observed for transfer capacities (25KB/sec). Of course this
has several simplifying assumptions built in, but as a back of the envelope
number, it's probably not too far off just to drive home the point, especially
since it is likely an underestimation as you pointed out.

References:
- How I Learned to Stop Ph34ring NSA and Love the Base Rate Fallacy
  - From: The23rd Raccoon
- Re: How I Learned to Stop Ph34ring NSA and Love the Base Rate Fallacy
  - From: Sven Anderson

Prev by Author: How I Learned to Stop Ph34ring NSA and Love the Base Rate Fallacy
Next by Author: Re: flash won't work with Tor enabled
Previous by thread: Re: How I Learned to Stop Ph34ring NSA and Love the Base Rate Fallacy
Next by thread: Force exitnode oddness
Index(es):
- Author
- Thread